Start up: revising China’s phones, oldies don’t buy music, a disabled view of Apple Watch, Brexit raises tech prices, and more


Conference calls: we all hate them, right? But what if you could tune out and let a computer do the work of listening? Photo by alexhung on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Using speech-to-text to fully check out during conference calls • Github

Josh Newlan:

»This script listens to meetings I’m supposed to be paying attention to and pings me on hipchat when my name is mentioned.

It sends me a transcript of what was said in the minute before my name was mentioned and some time after.

It also plays an audio file out loud 15 seconds after my name was mentioned which is a recording of me saying, “Sorry, I didn’t realize my mic was on mute there.”

Uses IBM’s Speech to Text Watson API for the audio-to-text.

«

Two thoughts. Probably shouldn’t have given his real name on this; anyone else itching to use this?


Surprise! It’s the older people who don’t pay for music • Business Insider

Nathan McAlone:

»

This makes intuitive sense given the nostalgia many have for the music of their youth, which makes new purchases less likely as time goes on. But it also brings up an important point about the future of music.

The music industry seems to be in the midst of an unstoppable move toward streaming services like Spotify and Apple Music, and unlike digital downloads, this model is built on paying for access instead of ownership. You pay a monthly fee and get to listen to anything on Spotify.

This means that the age graph above could actually change over time. When the 46% of 18 to 24-year-olds who have paid for music in the last month push past 65, does that mean they will cancel their Spotify accounts? Likely not, as this would mean not only losing the ability to find new music, which they might cease to care about, but also being able to listen, on-demand, to those old songs that have been woven into their emotional memory.

This could boost the revenues of the music industry, which some analysts already think is headed for a big turnaround.

«

Though it doesn’t show how much they paid for music. On average, people who buy downloads or CDs get an album a month – about the same as a music service subscription.


F.B.I. director James Comey recommends no charges for Hillary Clinton on email • NYTimes.com

Mark Landler and Eric Lichtblau:

»on a day of political high drama in Washington, Mr. Comey rebuked Mrs. Clinton as being “extremely careless” in using a private email address and server. He raised questions about her judgment, contradicted statements she has made about her email practices, said it was possible that hostile foreign governments had gained access to her account, and declared that a person still employed by the government — Mrs. Clinton left the State Department in 2013 — could have faced disciplinary action for doing what she did.

To warrant a criminal charge, Mr. Comey said, there had to be evidence that Mrs. Clinton intentionally transmitted or willfully mishandled classified information. The F.B.I. found neither, and as a result, he said, “our judgment is that no reasonable prosecutor would bring such a case.”

The Justice Department is highly likely to accept the F.B.I.’s guidance, which a law enforcement official said also cleared three top aides of Mrs. Clinton who were implicated in the case: Jake Sullivan, Huma Abedin and Cheryl D. Mills.

«

But:

»In saying that it was “possible” that hostile foreign governments had gained access to Mrs. Clinton’s personal account, Mr. Comey noted that she used her mobile device extensively while traveling outside the United States, including trips “in the territory of sophisticated adversaries.”

«

Dear Hillary, please read on for useful advice.


Securing a travel iPhone • Filippo

Filippo Valsorda (who works on CloudFlare’s security team) has a number of recommendations, with the general ones being:

»Turn the phone off before entering any situation that might lead to you being coerced to use your fingerprint to unlock the phone. ProTip: if you reboot the phone and not unlock it, it will still let you listen to music if you use the EarBuds remote.

Upon entering hostile networks, start refusing iOS, app and carrier updates. Use Airplane mode extensively. Turn off WiFi when you don’t need it.

Avoid syncing or pairing the phone with a computer. To extract pictures, use Dropbox Camera Upload with a dedicated account and a shared folder going to your primary account. To save notes, message or email them to your main account. (Remember that email is unencrypted!)

Needless to say, keep the phone on your person at all times.

«

You’d have to be expecting pretty hostile security environments for this stuff, but some people do. Maybe Hillary Clinton’s next phone will be one of these?


Centre Stage Applewatch • Molly Watt Trust

“Lady Usher” has Usher’s syndrome, which means that she is profoundly deaf and is losing her sight:

»I used to rely wholly on my cumbersome iPhone6+ to help me to navigate the maze of London’s streets with my guide dog. Most people don’t realise that you need both hands to work a guide dog, and I had to clumsily juggle the lead, harness and phone, while trying to orientate myself to where I was going. The sun’s glare often made it impossible for me to read the screen. I was stopped twice by police officers telling me to put my phone away, apparently, ‘a blind person carrying a phone is asking for trouble’.

My new AppleWatch has made things so much easier. I simply key in my route on my phone, pop it in my bag and the watch, hidden safely on my wrist, vibrates to tell me to go left and right using two different tactile pulses. Another signal lets me know when I have arrived at my destination. It is such a simple idea and so damn enabling.

Just three weeks after I got the watch, my guide dog and I entered a month-long team steps challenge at my work place. Together, we walked almost 200 miles through the busy streets of London, simply by following the vibrations of the AppleWatch and the simple on screen instructions. For the first time ever, it felt like we owned the streets. The whole of London has opened up to me for the first time since I lost my sight.

«

As she says,

»“If there was ever a good time to be losing your sight when you are already deaf, it is 2016. We are on the verge of great technology breakthroughs that will help to level the playing field even for those who are both deaf and blind. Driverless cars, haptic virtual reality, wearable technology – they will all soon be an everyday reality.”

«

Often we forget how transformative tech really can be.


The AI that (almost) lets you speak to the dead • Ars Technica UK

Bob Dormon:

»The source of this existential conundrum is Luka, a company that focuses on what it calls “high-end conversational AI.” It has a free iOS app, also called Luka, which seems pretty benign, featuring a number of chatbots covering a range of tasks that rely on text input to respond and interact in a friendly way. That’s a lot more than just the Q&A you get with Siri. The company develops new chatbots for all sorts of different purposes all the time. For instance, three recent ones are based on the cast of the HBO series Silicon Valley. Fans can talk to these fictional characters and get responses in keeping with their on-screen persona.

Very recently however, Luka was adapted in a brand new way, to include a chatbot based on a real human being—one who just so happens to be dead. It’s this ghost-in-the-machine that has the audience spellbound, as Luka’s cofounder Eugenia Kuyda explains how text messages, social media conversations, and other sources of information on the deceased were grafted onto an existing AI platform. It started out as an experiment that, in a matter of months, enabled her and others to continue to interact with Roman Mazurenko, a fellow Russian who had died in a road traffic accident in November last year, the man she describes as her soul mate.

«

Amazingly, the whole (quite long) feature goes all the way through without once mentioning that this was pretty much the basis of an episode of Black Mirror.


Amazon.com: Matthew Garrett’s review of AuYou Wi-Fi Switch, Timing Wireless Smart …

Garrett is a security researcher, and he got one of these free in return for writing an honest review. Hold tight:

»In practice the app is looking for a network called “SmartPlug” and this version of the hardware creates a network called “XW-G03”, so it never finds it. I ended up reverse engineering the app in order to find out the configuration packet format, sent it myself and finally had the socket on the network. This is, needless to say, not a reasonable thing to expect average users to do. The alternative is to find an older Android device or use an iPhone to do the setup.

Once it’s working, you can just hit a button on the app and your socket turns on or off. You can also program a timer. If your phone is connected to the same network as the socket then this is just done by sending a command directly, but if not you send a command via an intermediate server in China (the socket connects to the server when it joins the wireless and then waits for commands)…

…This is a huge problem. If anybody knows the MAC address of one of your sockets, they can control it from anywhere in the world. You can’t set a password to stop them, and a normal home router configuration won’t block this. You need to explicitly firewall off the server (it’s 115.28.45.50) in order to protect yourself. Again, this is completely unrealistic to expect for a home user, and if you do this then you’ll also entirely lose the ability to control the device from outside your home.

In summary: by default this is stupendously insecure, there’s no reasonable way to make it secure, and if you do make it secure then it’s much less useful than it’s supposed to be. Don’t buy it.

«

Apart from that, how’s it going with the Internet of Things? (AuYou has withdrawn the device from sale.)


Asian market turmoil: HTC and Huawei down, Vivo, OPPO and Asus on the rise • AndroidAuthority

Kris Carlon:

»this year Huawei looks to be in a little trouble. While still maintaining the number one spot in terms of production volume estimates (a loose indicator of sales success), Huawei’s dominance looks to be on the decline. Market analysts TrendForce have just downgraded Huawei’s production estimates for the year. This potentially puts the number one spot up for grabs next year as other OEMs ascend rapidly.

Just as Huawei is starting to plateau, smaller companies like Vivo and OPPO are on the rise. While Huawei’s predicted growth has been lowered to 10.2% year-on-year, OPPO has been estimated to grow by 59.2% and Vivo by 40.4%. Xiaomi and Lenovo are expected to see negative growth in 2016, continuing their decline. Meanwhile, young upstart LeEco is enjoying massive growth of 300% year-on-year, even if its production volumes are still well below its more established competition.

«

OPPO and vivo are low-end devices; Huawei is pushing into the higher-end space. Xiaomi and Lenovo have problems though if that forecast holds.


Tech companies blame price rises on Brexit vote • BBC News

Leo Kelion:

»US computer-maker Dell and the Chinese smartphone company OnePlus are both raising their prices in the UK and saying the move is the result of the nation’s vote to leave the EU.

Another company, used by several camera equipment-makers to bring their goods to the UK, has also revealed it will soon follow suit. Intro 2020 said it had been “punched in the stomach very hard” by sterling’s drop after the Brexit referendum. Experts predict further price rises.

The pound hit a fresh 31-year low against the dollar earlier on Wednesday – it has dropped more than 12% since the eve of the Brexit referendum result. Falls against some Asian currencies have been even larger.

«

Others will follow; it’s just going to be a matter of time. Only a lunatic would have hedged for that big a drop in sterling, which means dollar-denominated prices will rise in a month or two.


HummingBad malware puts 10 million Android devices at risk • SlashGear

JC Torres:

»According to Check Point, as many as 10m devices around the globe have infected apps installed on their Android smartphone or tablet. Unsurprisingly, the majority of those come from China, India, and the usual Asian countries, but the US isn’t clean of it either.

At the moment, however, HummingBad isn’t doing maximum damage. It does attempt to root devices in order to further spread its malware, install more infected apps, and whatnot. Failing to do that, it has fallback measures to gain access. All of these are being done in the name of generating ad revenue. However, considering it tries to gain root access, its actual potential is far more frightening. That said, based on Check Point’s own data, older Android devices are more prone to getting infected, with Android 5.0 Lollipop and Android 6.0 Marshmallow showing the smallest shares.

However, it is the narrative around HummingBad that is actually more worrying. Check Point traced the malware to a Chinese entity named YingMob, which turned out to be a mobile ad server company. In a nutshell, it is actually a legit company partnering with other legit companies to serve ads. Most malware groups turn to hide underground, but YingMob operates out in the open, though the group behind HummingBad is just one part of the company.

«

Usually Android malware is restricted to China; this is unusual and worrying.


Errata, corrigenda and ai no corrida:

Start up: Schrödinger’s Satoshi, the trouble with VC funding, stalking with Waze, dentists get malware, and more

Would you put yourself in front of a rifle underwater?

A selection of 10 links for you. Proceed in a westerly direction. I’m charlesarthur on Twitter. Observations and links welcome.

Craig Wright’s New Evidence That He Is Satoshi Nakamoto Is Worthless | Motherboard

Jordan Pearson and Lorenzo Franceschi-Bicchierai:

»While that [blogpost signature] looks legit, according to experts, the evidence Wright provided seems to actually be worthless. As it turns out, Wright simply reused an old signature from a bitcoin transaction performed in 2009 by Satoshi.

Dan Kaminsky, a well-known security researcher, wrote in a post debunking Wright’s alleged evidence that the whole thing is a scam. “Satoshi signed a transaction in 2009. Wright copied that specific signature and tried to pass it off as new,” he added on Twitter. “He’s lying. Full stop.”

Longtime bitcoin developers also pointed out that this signature could have been copied from a public source, and does not prove that Wright controls the associated addresses.

“It would be like if I was trying to prove that I was George Washington and to do that provided a photocopy of the constitution and said, look, I have George Washington’s signature,” Bitcoin developer Peter Todd said.

Todd added that someone contacted him by email two weeks ago, claiming to be Satoshi, and using the same signature trick as proof. He says he ignored the email.

«

In the space of a few hours this story went from “Bitcoin inventor found!” to “HOAAAAXX!”, leaving a lot of very puzzled citizens in the middle. The point about the “ignored email” could be key: if Wright, or someone, has been hawking this around, something is fishy.


Physicist fires a gun at himself underwater to prove a point » Mashable

»

To demonstrate the difference between air and water resistance, Norwegian physicist Andreas Wahl decided to plonk himself in front of a submerged rifle and pull the trigger.

«

Fantastic. Turns out that if you search on Wahl’s name on YouTube, he’s done a ton of these sorts of experiments.

It does however show that Leonardo DiCaprio need not have been so worried when he jumped into that river while being pursued by rifle-wielding enemies in The Revenant. Bigger risk was hypothermia.



Theranos and Elizabeth Holmes expose the perverse incentives at work in Silicon Valley » Quartz

Jay Edelson and Christopher Dore, of the law firm Edelson (which has taken class actions against a number of tech companies), argue that the VC model drives companies to ignore rules:

»Take Zynga, the gaming company responsible for Farmville, which has earned the moniker “Scamville” for its allegedly deceptive advertising. The co-founder of Zynga, Mark Pincus, famously said, “I knew I needed revenues…. Like I needed revenues now. So I funded the company myself but I did every horrible thing in the book … just to get revenues right away.” While Pincus, incredibly, made this statement in public, he expressed the private sentiment of countless entrepreneurs faced with the ticking of the VC clock. (Disclosure: our law firm, Edelson PC, has brought class-action lawsuits against Zynga and some of the other companies mentioned below, but not for the conduct discussed in this article.)

This is bad for investors, including venture investors who care just about growth. (Fraudulent companies are, at best, an unreliable source of revenue.) But the reckless pursuit of growth often comes at consumers’ expense as well. That’s because the way that companies grow rapidly is to expand their user bases by hook or by crook, in a process called “growth hacking.”

One of the most common examples of this involves “spam-viting,” or hijacking a consumer’s contact list to blast them with text messages or emails, knowingly in violation of various federal and state statutes. Companies spam-vite because it works. Sending millions of text messages or emails to consumers, dressed up as if they came from those consumers’ friends, is a viable, illegal way to grow a business quickly. LinkedIn, for example, settled a lawsuit for $13 million over its practice of repeatedly sending “add connections” emails to a new user’s entire email contact list. And TextMe, a text-based social network, generated its growth by sending a large volume of text messages to new user’s phone contacts, although it eventually won its legal battle with the Federal Communications Commission.

The pressure to growth-hack begets pressure to disregard the law, at least temporarily.

«

This is a terrific essay; you read it and think “wow, that’s so true”. The saying in Silicon Valley is “it’s better to ask forgiveness than ask permission”; it’s how so many of today’s giants got started – Google, YouTube, Uber and AirBnB being particular examples. All broke, or break, the rules in many ways regularly.


Google and Microsoft have made a pact to protect surveillance capitalism » The Guardian

Julia Powles on the surprising (to many) decision by Microsoft to withdraw from antitrust complaints and lobbying against Google:

»Microsoft today is facing a very different business ecosystem to the one it dominated in the 1990s. It needs to adapt. And it appears to want to do so by positioning itself at the heart of what Satya Nadella describes as “systems of intelligence”.

Explaining this concept at Hannover Messe 2016, Nadella defined systems of intelligence as cloud-enabled digital feedback loops. They rely on the continuous flow of data from people, places and things, connected to a web of activity. And they promise unprecedented power to reason, predict and gain insight.

This is unbridled Big Data utopianism. And it is a vision that brings Microsoft squarely into Google territory. So maybe Microsoft is pulling out of regulatory battles because it doesn’t want to shoot itself in the foot. For emeritus Harvard Business School professor Shoshana Zuboff, this gets to the core of the Google-Microsoft deal.

Zuboff is a leading critic of what she calls “surveillance capitalism”, the monetization of free behavioral data acquired through surveillance and sold on to entities with an interest in your future behaviour. As she explained to the Guardian: “Google discovered surveillance capitalism. Microsoft has been late to this game, but it has now waded in. Viewed in this way, its agreement with Google is predictable and rational.”

«



Are maps necessary? » ROUGH TYPE

Nick Carr, musing on Jason O’Beirne’s post (linked yesterday) about the changes in Google Maps over the years:

»O’Beirne is a bit mystified by the changes Google has wrought. He suspects that they were inspired by a decision to optimize Google Maps for smartphone displays. “Unfortunately,” he writes, “these ‘optimizations’ only served to exacerbate the longstanding imbalances [between levels of detail] already in the maps. As is often the case with cartography: less isn’t more. Less is just less. And that’s certainly the case here.”

I’m sure that’s true. Adapting to “mobile” is the bane of the modern interface designer. (And, you’ll note, the “cleaner” Google Map provides a lot of open space for future ad placements.) But, when it comes to maps, there’s something more profound going on than just the need to squeeze a map onto a tiny screen. Implicit in the Google changes is the obsolescence of the map as a navigational tool. Turn-by-turn directions and automated route selection mean that fewer and fewer people ever have to figure out how to get from one place to another or even to know where they are. As a navigation aid, the map is a vestigial organ. So why not get rid of the useful details and start to think of the map as merely a picture or an image, or a canvas for advertisements?

«

Carr has such a deliciously sardonic tone, yet deployed so sparingly and precisely, it’s shocking he isn’t British.


Drake’s Spotify gamble is paying off: Views just made $8m in a day » Music Business Worldwide

Tim Ingham:

»On Friday (April 29), Beyonce’s Lemonade became the biggest album of the year so far in the US.

Within another 24 hours, Drake’s Views had surpassed Lemonade’s entire week-one album download figure, with around 600,000 sales.

Views is now easily on course to smash through a million North American sales before the weekend.

Drake and his team will have breathed a big sigh of relief at this news – early vindication for a digital strategy which was by no means a safe bet.

Aside from its status as one of the most eagerly anticipated records of the year, Views (previously ‘Views From The 6’), is a complete Apple exclusive.

In its first week, it’s available to stream on Apple Music and buy on iTunes, but not available anywhere else – including physical stores.

Significantly, fans can’t ‘un-bundle’ Views on iTunes, as they could with Beyonce’s Lemonade last week; they only have the option to buy it as one package, with the exception of recent singles One Dance and Hotline Bling.

Drake took a sizable risk with this approach.

«

Really interested by how some artists can still hit it out of the ground by going for the download-only/one-service-only approach, while others can’t. It’s not just about age, either.


A poem about Silicon Valley, made up of Quora questions » Fusion

Jason Gilbert:

»Why do so many startups fail?
Why are all the hosts on CouchSurfing male?
Are we going to be tweeting for the rest of our lives?
Why do Silicon Valley billionaires choose average-looking wives?

What makes a startup ecosystem thrive?
What do people plan to do once they’re over 35?
Is an income of $160K enough to survive?
What kind of car does Mark Zuckerberg drive?

«

And there’s more. This is splendid.


Dental Assn mails malware to members » Krebs on Security

Brian Krebs:

»The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide.

The problem first came to light in a post on the DSL Reports Security Forum. DSLR member “Mike” from Pittsburgh got curious about the integrity of a USB drive that the ADA mailed to members to share updated “dental procedure codes” — codes that dental offices use to track procedures for billing and insurance purposes…

«

It had a launcher which would take a PC to a site which would try to download malware; and few antivirus checkers would find it.

»

In response to questions from this author, the ADA said the USB media was manufactured in China by a subcontractor of an ADA vendor, and that some 37,000 of the devices have been distributed. The not-for-profit ADA is the nation’s largest dental association, with more than 159,000 members.

“Upon investigation, the ADA concluded that only a small percentage of the manufactured USB devices were infected,” the organization wrote in an emailed statement.

«

One should now routinely assume that anything involving (a) Flash (b) USB drives is potentially a malware route. Fortunately, both are avoidable in normal life.


Yahoo’s $8bn black hole » Bloomberg Businessweek

Max Chafkin and Brian Womack:

»In some ways, [Yahoo CEO Marissa] Mayer’s strategy has worked. Yahoo’s apps have received stellar marks from both reviewers and users, and the company has created new lines of business that accounted for $390m in revenue last quarter. “Mavens as a revenue source didn’t exist at all in 2011 and was nascent in 2012,” Mayer said proudly on the February earnings call, using an acronym that stands for “mobile, video, native advertising, social.” Yahoo has more than 600 million mobile users, up from about 150 million before she took the job.

But those improvements are nowhere near big enough to turn the company around. “Marissa likes to present Mavens as though it should be compared to some nascent startup,” says SpringOwl’s Jackson. But startups, he points out, don’t begin with a billion users. “It’s as if Yahoo took an above-ground pool, dumped it into a bucket, and said, ‘Wow, we’re really filling up this bucket fast,’ ” he says.

And that traffic isn’t necessarily users delighting in Mayer’s new products and telling their friends; much of it comes from Yahoo paying ever-larger sums to other companies to direct their users to Yahoo’s sites and apps. It paid almost $900m in traffic acquisition fees in 2015, up from $200m in 2014. Predictably, Yahoo users are spending less and less time with its sites. A report by The Information, a tech news site, showed that as of early December, the average time spent on Yahoo properties had declined 32% for Yahoo Mail, 29% for the home page, and 20% for Tumblr over the previous 12 months.

«



If you use Waze, hackers can stalk you » Fusion

Kashmir Hill:

»Last week, I tested the Waze vulnerability myself, to see how successfully the UC-Santa Barbara team could track me over a three-day period. I told them I’d be in Las Vegas and San Francisco, and where I was staying—the kind of information a snoopy stalker might know about someone he or she wanted to track. Then, their ghost army tried to keep tabs on where I went.

The researchers caught my movements on three occasions, including when I took a taxi to downtown Las Vegas for dinner:

And they caught me commuting to work on the bus in San Francisco. (Though they lost me when I went underground to take the subway.)

The security researchers were only able to track me while I was in a vehicle with Waze running in the foreground of my smartphone. Previously, they could track someone even if Waze was just running in the background of the phone. Waze, an Israeli start-up, was purchased by Google in 2013 for $1.1 billion. Zhao informed the security team at Google about the problem and made a version of the paper about their findings public last year. An update to the app in January of this year prevents it from broadcasting your location when the app is running in the background, an update that Waze described as an energy-saving feature. (So update your Waze app if you haven’t done so recently!)

«

The only way not to be trackable is to choose to be “invisible”. Or not to use Waze, of course. Once more, it’s a theoretical risk – you’d need clever, determined hackers to use it against you – but it also shows how much data these apps leak intentionally.


Errata, corrigenda and ai no corrida: none notified.

Start up: Hubspot culture, bad citations, Wikipedia for piracy, how Tay was pre-broken, and more

Who’d have guessed that letting a browser page vibrate your phone could be abused by scammers? Photo by queenkv on Flickr.

My year in startup hell at Hubspot » Fortune

Dan Lyons got dumped by Newsweek, having been a journalist for decades, and then as a 50-something joined a Boston startup whose pitch is basically spam people (but never call it spam), created by a co-founder who is only ever referred to by his first name:

»Dharmesh’s culture code incorporates elements of HubSpeak. For example, it instructs that when someone quits or gets fired, the event will be referred to as “graduation.” In my first month at HubSpot I’ve witnessed several graduations, just in the marketing department. We’ll get an email from Cranium saying, “Team, just letting you know that Derek has graduated from HubSpot, and we’re excited to see how he uses his superpowers in his next big adventure!” Only then do you notice that Derek is gone, that his desk has been cleared out. Somehow Derek’s boss will have arranged his disappearance without anyone knowing about it. People just go up in smoke, like Spinal Tap drummers.

Nobody ever talks about the people who graduate, and nobody ever mentions how weird it is to call it “graduation.” For that matter I never hear anyone laugh about HEART or make jokes about the culture code. Everyone acts as if all of these things are perfectly normal.

«

Some people hate Lyons, but he’s never less than incisive to the point of sulphuric.


January 2014: potential malicious use of the HTML5 Vibrate API » Terence Eden’s Blog

This was Eden writing just over two years ago:

»There is a new API in town! HTML5 will (soon) let you make the user’s device vibrate. What fun! Obviously, it’s useful for triggering alerts, improved immersiveness during gameplay, and all sorts of other fun things like sending Morse Code messages via vibration.

At the moment, Chrome (and other Android browsers) ask for permission before accessing features such as geo-location, camera, address book etc. This is a security measure to prevent your private information leaving your hands without your knowledge.

At the moment, accessing the HTML5 Vibrate API doesn’t trigger an on-screen warning. Its use is seen as pretty innocuous. Because, realistically, the worst it can do is prematurely drain your battery. Right?

I’m not so sure.

«

He was right not to be sure. Comments from this year show that this is indeed being used by scammy ads. (It’s supported on Chrome for desktop and mobile, not on Safari for desktop or mobile; you can check your browser’s capability.)

Citation, appropriation, and fair use: News Genius picks up again where failures left off » Glenn Fleishman’s Glog

Fleishman points to previous attempts to let people write content on top of other people’s work:

»As with many Internet tools created without any forethought about abuse, opting out, and reporting and resolving issues, [News] Genius [which lets people put commentary onto web pages without the consent of the author] seems malicious in absence rather than in intention. As Ella [Dawson] wrote:

»

You can hate-read my content all you want—I know that is a risk of being a person who says things on the Internet. But when you create a tool that pastes commentary directly on top of my work without letting me opt-in and without providing a way for people to turn off the annotation on their pages, you are being irresponsible. You are ignoring the potential your tool has to be abused, and you are not anticipating the real harm your tool can do.

«

Contrast this with Medium’s approach to annotation on Medium’s site. Essay authors can receive public or private notes, and choose which to make public and which to remain private or delete. Commentary on a post, called “responses,” is presented at the end like comments, but each response is a full-fledged Medium post. (Last year, Medium added the ability for everyone, instead of certain outlets or requiring email, to disable responses to appear linked; they can still be made, they just don’t appear at the end of the referenced post.)

«

Past experience suggests News Genius will die a death; it’s just a question of how long it will take, and how many people will have lousy experiences like Dawson.

Wikipedia doesn’t realize it’s the developing world’s internet gatekeeper » Motherboard

Jason Koebler:

»If you’re just catching up, Angolans are using free access to Wikipedia and Facebook to trade copyrighted movies, music, and television shows, a development that is decidedly against Wikipedia’s rules. The product is called Wikipedia Zero, which “zero rates” all data going to and from Wikipedia websites from mobile phone users in 64 developing countries, meaning the customer doesn’t pay any money for it. In Angola, 50mb of mobile data normally costs $2.50; the median annual salary is $720.

At first glance, giving people in developing nations unlimited access to Wikipedia or Facebook’s Free Basics program seems like a no-brainer. Some access is better than no access, the thinking goes, and Wikimedia, as a nonprofit corporation focused on spreading knowledge, has gotten less public flak than Facebook has for Free Basics, which critics say serves only to indoctrinate the developing world into Facebook’s ecosystem. But the situation in Angola shows that there are problems with zero-rating that Wikimedia’s nonprofit status and knowledge-sharing mission can’t solve.

«


Land Registry faces privatisation » The Guardian

Heather Stewart, Hilary Osborne and Rowena Mason:

»The Land Registry is being put up for sale less than two years after the Liberal Democrats blocked previous plans for a £1bn-plus privatisation.

Sajid Javid, the business secretary, faced immediate criticism for announcing the selloff of the 150-year-old agency – which maintains records on the ownership of land and property across England and Wales – just as the Easter break was about to begin.

Union leaders criticised what they called the “cynical” timing. Mark Serwotka, general secretary of the Public and Commercial Services union, said: “Homebuyers and owners rely on the Land Registry to provide an impartial professional service and it must remain under public control, free from any profit motive and conflict of interest.

«

In the UK, sales of properties and land must be registered with Land Registry. Privatising it would create a private monopoly with the force of law. This would create a company that could raise fees on any product and which would not be answerable to Freedom of Information requests.

This is an unbelievably stupid idea. I’m thus not surprised that Sajid Javid is backing it.

Fly-eye phones are coming » Kevin Marks

Written in January, and increasingly relevant:

»the cameras built into phones have reached the limits of useful resolution, and the differences in responsiveness have been competed away too. The next step will be multiple cameras on each side of the phone. I expect we’ll first see 2 cameras at opposite ends of the phone, so you can take stereoscopic images and videos with natural eye spacing.

However, having simultaneous spaced images means you can extract 3d information from the photo – Google’s camera app has done this for a while but you need to pan up and down. This means you can change depth of field synthetically to give nicer images by blurring unwanted foreground or background details out. This also means you can more easily compensate for lens distortion, making faces less spherical looking in close-ups. You can even reconstruct 3d objects, scanning smaller ones, or panning around a room to derive a more accurate 3d model.

Once you have an accurate 3d model of the room, doing Augmented Reality becomes much more practical – you can place elements on the walls or floors, and have them pass behind and in front of objects in a more realistic fashion. Think of the gratuitous effects Snapchat can do with that – 3d halos, birds flying around your head.

«

Look what Snapchat can already do with face recognition (Face Swap) and you get an inkling.

TayAndYou – toxic before human contact » Smerity.com

Stephen Merity argues, very convincingly, that Microsoft’s Tay going haywire wasn’t shocking, surprising or unpredictable at all:

»The entire situation was made worse by a few factors:

• TayAndYou would repeat phrases uttered to it, a trivial attack vector
• The facial recognition on images included a small number of utterances, another trivial attack vector that could be gamed for negative results
• TayAndYou produced over 96,000 tweets in a single day, meaning little to no quality oversight would be in place – if there were any potentially insulting responses they were near guaranteed to be found

Was implementing a filter for swearing out of scope..? To be fair, the bot would still find something insulting to say but I’m certain the majority of worst cases would be flagged.

Even if filtering on the generation end was considered too much, the training data shouldn’t have been toxic. Maybe at least filter the training data for anything discussing Hitler. If a PR department wouldn’t want their humans tweeting about Hitler, I’ve no clue why you’d want a bot to.

«

Meanwhile, Microsoft is ever so ever so sorry.

If you’re working in AI/deep learning, Merity’s blog is worth rummaging through.

Donald Trump will win in a landslide. The mind behind ‘Dilbert’ explains why. » The Washington Post

Michael Cavna:

»[Scott] Adams, in other words, believes that Trump himself has turned the campaign game around. On the stump, the real-estate mogul is not running on the knowledge of his numbers or the dissection of the data. He is running on our emotions, Adams says, and sly appeals to our own human irrationality. Since last August, in fact, when many were calling Trump’s entry a clown candidacy, the “Dilbert” cartoonist was already declaring The Donald a master in the powers of persuasion who would undoubtedly rise in the polls. And last week, Adams began blogging about how Trump can rhetorically dismantle Clinton’s candidacy next.

Adams, mind you, is not endorsing Trump or supporting his politics. (“I don’t think my political views align with anybody,” he tells The Post’s Comic Riffs, “not even another human being.”) And he is not saying that Trump would be the best president. What the Bay Area-based cartoonist recognizes, he says, is the careful art behind Trump’s rhetorical techniques. And The Donald, he says, is playing his competitors like a fiddle — before beating them like a drum.

«

It’s about irrationality. And people are irrational, no matter what they might think. (I’m very much hoping this is wrong.)

The readers’ editor on closing comments below the line » The Observer

Stephen Pritchard is the readers’ editor of The Observer, the Sunday sibling to The Guardian:

»While there is a general desire to open comments on as many subjects as possible, moderators are made aware in advance of opinion pieces that are likely to need careful handling.

Last weekend, after consultation, comments were delayed on several Observer articles, including Nick Cohen on becoming a Jew, Victoria Coren Mitchell on the Adam Johnson underage sex case and Barbara Ellen on Jamie Oliver’s advocacy of breastfeeding.

Comments opened once moderators were in place, but within minutes antisemites and Holocaust deniers were hounding Cohen, apologists for sex with teenagers were appearing in the Coren Mitchell thread and misogynists were busy insulting Ellen. It had to stop.

The Telegraph is in the process of ending commentary on its site. That’s not being proposed here, but editors need to think harder about when it would be wise to switch off the ability to comment if a subject is likely to attract so much rage that a mature conversation becomes impossible. It devalues our journalism and offends our readers.

«

Fewer open comment threads also means less moderation, which saves money. But I think this is a broader trend: general news sites will have fewer and fewer open comment threads. It’s just not worth the trouble. Speaking of which…

Public Access: we’re shutting down our comments … see you next week » Engadget

Here’s Amber Bouman at tech site Engadget:

»The thing is, we like having a comments section. It gives our readers a place to share their experiences, point out mistakes we’ve made, offer up different perspectives and provide more information. Our comments section can be an incredible place to visit, and we value that our readers take the time out of their day (often repeatedly) to participate. But we can’t take pride in a comment system that isn’t offering you the features you need to participate; that runs amok with racist, sexist or homophobic slurs and threats; or that takes joy in in-fighting and provoking fights.

A quality comments section should make it easy for users to contribute. A good comments section has users who feel a sense of duty and kinship, who act as a community. An exceptional comments section informs its readers, corrects authors and provides worthwhile insights in a polite and constructive manner.

«

It can be done; I think you make people pay to be commenters, and revoke that – without refund – if they cross the line.

Errata, corrigenda and ai no corrida: none specified.

Start up: malware for all!, Tim Cook v FBI, US gov seeks source code, bedtime for robots, and more

Facebook discovered that tons of ads are as fake as this “pound coin”. Photo by Steve Parker on Flickr.

A selection of 9 links for you. Off you go. I’m charlesarthur on Twitter. Observations and links welcome.

Building towards value with Atlas » Facebook Atlas Solutions

Dave Jakubowski, head of ad tech, Facebook:

»Marketing pioneer John Wanamaker once famously said, “Half the money I spend on advertising is wasted; the trouble is, I don’t know which half.” Despite the promises of the past two decades, digital still faces the same issue.

Through Atlas and the people-based layer that powers it, we’ve been able to identify and measure where most waste comes from: exchanges and banners.

We realized this by testing out a buying platform in Atlas last year. During that test, we plugged into a number of the usual exchanges and bought across several formats. There were two major takeaways:

1: We were able to deliver ads to real people with unprecedented accuracy, but came up against many bad ads and fraud (like bots). While we were fortunately able to root out the bad actors and only buy quality ads, we were amazed by the volume of valueless inventory.
2: Only two ad formats delivered significant value: native & video.

Based on those findings, we began to dig into the ads that came through LiveRail. And when we saw the same thing, we immediately shut off the low quality ads. In fact, we removed over 75% of the volume coming from our exchange by turning off publishers circulating bad inventory into LiveRail.

«

Wonder how many news sites will take note of those points.

AceDeceiver: first iOS trojan exploiting Apple DRM design flaws to infect any iOS device » Palo Alto Networks

Claud Xiao:

»We’ve discovered a new family of iOS malware that successfully infected non-jailbroken devices we’ve named “AceDeceiver”.

What makes AceDeceiver different from previous iOS malware is that instead of abusing enterprise certificates as some iOS malware has over the past two years, AceDeceiver manages to install itself without any enterprise certificate at all. It does so by exploiting design flaws in Apple’s DRM mechanism, and even as Apple has removed AceDeceiver from App Store, it may still spread thanks to a novel attack vector…

…To carry out the attack, the [malware] author created a Windows client called “爱思助手 (Aisi Helper)” to perform the FairPlay MITM attack. Aisi Helper purports to be software that provides services for iOS devices such as system re-installation, jailbreaking, system backup, device management and system cleaning. But what it’s also doing is surreptitiously installing the malicious apps on any iOS device that is connected to the PC on which Aisi Helper is installed. (Of note, only the most recent app is installed on the iOS device(s) at the time of infection, not all three at the same time.) These malicious iOS apps provide a connection to a third party app store controlled by the author for user to download iOS apps or games. It encourages users to input their Apple IDs and passwords for more features, and provided these credentials will be uploaded to AceDeceiver’s C2 server after being encrypted. We also identified some earlier versions of AceDeceiver that had enterprise certificates dated March 2015.

As of this writing, it looks as though AceDeceiver only affects users in mainland China.

«

So it’s really a Windows infection?

275 million Android phones imperiled by new code-execution exploit » Ars Technica UK

Dan Goodin:

»The NorthBit-developed attack exploits a Stagefright vulnerability discovered and disclosed last year by Zimperium, the security firm that first demonstrated the severe weaknesses in the code library. For reasons that aren’t yet clear, Google didn’t fix the vulnerability in some versions, even though the company eventually issued a patch for a different bug that had made the Zimperium exploits possible. While the newer attack is in many ways a rehash of the Zimperium work, it’s able to exploit an information leak vulnerability in a novel way that makes code execution much more reliable in newer Android releases. Starting with version 4.1, Android was fortified with an anti-exploitation defense known as address space layout randomization, which loads downloaded code into unpredictable memory regions to make it harder for attackers to execute malicious payloads. The breakthrough of Metaphor is its improved ability to bypass it.

“They’ve proven that it’s possible to use an information leak to bypass ASLR,” Joshua Drake, Zimperium’s vice president for platform research and exploitation, told Ars. “Whereas all my exploits were exploiting it with a brute force, theirs isn’t making a blind guess. Theirs actually leaks address info from the media server that will allow them to craft an exploit for whoever is using the device.”

«

Affects versions 2.2 through to 4.0, and 5.0 and 5.1. Which is 41.1% of phones, according to latest data from Google. Would have thought that is more than 275m, actually.

Microsoft apologizes for GDC party with skimpily-clad dancers » Reuters

Anya George Tharakan:

»Microsoft Corp apologized for hiring dancers dressed as skimpily-clad schoolgirls for its Game Developer Conference (GDC) afterparty in San Francisco on Thursday night, responding to media reports citing attendees’ pictures on Twitter and Instagram.

“It has come to my attention that at Xbox-hosted events at GDC this past week, we represented Xbox and Microsoft in a way that was absolutely not consistent or aligned to our values,” Microsoft’s head of Xbox Phil Spencer said in a statement.

“That was unequivocally wrong and will not be tolerated,” Spencer said.

Photos purportedly from the party surfaced on Twitter and Instagram, with many users expressing their anger at Microsoft’s actions.

«

“Will not be tolerated”? What’s the penalty? Of course it would have been better if this hadn’t happened in the first place. Ah, San Francisco.

Google could beat Apple at fashion – just like it did phones » Co.Design

Mark Wilson:

»“when you think about things people wear, they have really diverse styles. It isn’t the case that one style fits all, in any clothing or accessory or other kind of apparel,” David Singleton, VP of Android Wear, says. “A lot of our DNA working on Android has always been to create an ecosystem of partners to work together to create something bigger than the sum of its parts, and that’s what we’re trying to do here.”

That strategy worked for Android Wear’s first fashion partnership, Fossil, which cites its Fossil Q Founder as its top-selling watch, period, of the 2015 holiday season. At $295, it’s more or less the Bentley of Fossils. But watches are just one small swatch of a much larger piece of fabric. Google’s open platform is poised to leave a much larger impact on the $1.2 trillion fashion industry than it has on smartphones—because while everyone is happy to use the same phone as the person sitting next to them, fashion is a form of personal expression. Even those who ride the latest trends don’t want to be matchy-matchy with everyone else on the street…

…what gets concerning about the viability of Apple’s strategy — if we really are to consider it a fashion company now — is how its closed approach not only will limit overall adoption of the Apple Watch, but limit the extent to which Apple can keep afloat in the sheer depth of wearables to come.

«

This would be a strong argument if Android Wear weren’t miles behind Apple Watch in sales; and the article doesn’t offer any explanation for what would make its adoption increase.

Silicon Valley’s unchecked arrogance » Medium

Ross Baird and Lenny Mendonca:

»Snapchat may be solving an important problem for well-connected young people in America who don’t have to worry about basic needs. But whether it’s unemployed young people in St. Louis looking for their next paycheck or a family in Flint, Michigan worried about clean water, many Americans have more immediate problems.

Because most of today’s entrepreneurs have their basic needs taken care of, their problem-solving often seems frivolous to the rest of the country.

Take Uber, for example. Uber’s great at solving how people with smartphones and disposable income can get around major cities — a small fraction of the global population. Uber is less good at helping the drivers, whose income is much lower than the riders, benefit from this new paradigm. Uber has hailed their impact as letting people work flexibly and use assets more productively, but strategically is investing hugely in driverless cars.

And we don’t blame Travis Kalanick (actually we do, but that’s not the point of this story). Uber’s founders’ experiences are as riders, not drivers. But imagine an ownership structure in which, for example, drivers could earn fractional equity in the company for each ride they gave. What if a percentage of the $50bn valuation were shared among the drivers, based on a merit-based system?

«

It’s quite a thought, isn’t it? Now *that* would be a sharing economy.


US government pushed tech firms to hand over source code » ZDNet

Terrific scoop by Zack Whittaker:

»The US government has made numerous attempts to obtain source code from tech companies in an effort to find security flaws that could be used for surveillance or investigations.

The government has demanded source code in civil cases filed under seal but also by seeking clandestine rulings authorized under the secretive Foreign Intelligence Surveillance Act (FISA), a person with direct knowledge of these demands told ZDNet. We’re not naming the person as they relayed information that is likely classified.

With these hearings held in secret and away from the public gaze, the person said that the tech companies hit by these demands are losing “most of the time.”

When asked, a spokesperson for the Justice Dept. acknowledged that the department has demanded source code and private encryption keys before. In a recent filing against Apple, the government cited a 2013 case where it won a court order demanding that Lavabit, an encrypted email provider said to have been used by whistleblower Edward Snowden, must turn over its source code and private keys.

«

The fact that the Justice Department says it might demand the same from Apple does slightly imply that it doesn’t have it already.

Can we teach robots right from wrong by reading them bedtime stories? » Public Radio International

Elizabeth Shockman:

»“We’re still at a simpler stage,” [computer science professor at the Georgia Institute of Technology in Atlanta, Mark] Riedl says. “Natural language processing is very hard. Story understanding is hard in terms of figuring out what are the morals and what are the values and how they’re manifesting. Storytelling is actually a very complicated sort of thing.”

Eventually, however, Riedl hopes it will be possible to give robots entire libraries of stories.

“We imagine feeding entire sets of stories that might have been created by an entire culture or entire society into a computer and having him reverse engineer the values out. So this could be everything from the stories we see on TV, in the movies, in the books we read. Really kind of the popular fiction that we see,” Riedl says.

He doesn’t worry about robots being able to determine what right or wrong is in a story — whether it’s better to side with a heroic figure in a story or an anti-hero.

“What artificial intelligence is really good at doing is picking out the most prevalent signals,” Riedl says.

«


Full transcript of TIME’s interview with Apple CEO Tim Cook » TIME

Nancy Gibbs and Lev Grossman:

»Q: As a business person, as the guy running Apple, should this go to Congress, they rule, goes against you, how bad is it for Apple from a business point of view?

COOK: I think, first of all it’s bad for the United States. Because going against us doesn’t just mean going against us. It means likely banning, limiting or forcing back doors for [everyone]. I think it makes the U.S. much more vulnerable. Not only in privacy but also in security. The national infrastructure, everything. And I can’t imagine it happening because it would be outlandish for something like that to happen. I think everybody has better judgment than that.

But at the end of the day, we’re going to fight the good fight not only for our customers but for the country. We’re in this bizarre position where we’re defending the civil liberties of the country against the government. Who would have ever thought this would happen?

«

Absorbing read; the only point where Cook seems to bodyswerve the question is when he’s asked “what if it’s about finding out where the terrorist’s nuclear bomb is ticking down, or the child is being tortured?” Which is of course the question which pours grease onto the slippery slope.

Errata, corrigenda and ai no corrida: none notified.

Start up: Facebook’s real origin, Apple’s political underspend, Samsung’s unbranding, the electric oil crisis, and more

Nintendo’s 3DS: not propping up sales so well as in the past. Photo by Ian Muttoo on Flickr.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Cratering portable sales can’t prop up Nintendo’s business anymore » Ars Technica

Kyle Orland:

»A new revision to Nintendo’s projected earnings, released [on Friday], sees Nintendo reducing its expectations of Nintendo 3DS sales for the full fiscal year, which ends in March. Nintendo now expects to sell 6.6m 3DS units during the 12-month period, a 13% drop from previous projections and a 24% decline from the year before. That drop (and the accompanying drop in 3DS software sales projections) is a big reason why Nintendo is now also saying that its annual profits will be 50% lower than it had projected, though the company blames some of that decline on the weakening Japanese yen.

You might think this kind of decline is natural for a system like the 3DS, which is, after all, approaching its fifth birthday. But previous Nintendo handhelds have looked much more robust at this point in their lifecycles. The Nintendo DS was still near the peak of its hardware sales dominance in its fifth and sixth years, selling a whopping 31.18m units in the 2009 fiscal year (and a healthy 27.11m the next year). Game Boy Advance sales were still near a steady peak in the 2005-2006 period, bouncing up and down in the 15m to 18m annual sales range, thanks in part to the successful Game Boy Advance SP hardware refresh.

The 3DS, on the other hand, seems to have peaked earlier and lower than other Nintendo handhelds.

«

In short, Nintendo is predicting that its revenues in FY2016 will be lower than its profits in FY09. It’s taken a while, but smartphones are beginning to undermine it. (Might it be that those who had a Nintendo handheld in 2009 are now updating with a smartphone?)

The true story of how Mark Zuckerberg founded Facebook » Business Insider

Biz Carson:

»In the Hollywood-stylized version, a Harvard student needed a tool to date girls.

The real version couldn’t be further from the truth, Mark Zuckerberg told Mathias Döpfner in an interview with “Die Welt am Sonntag.”

At the time, he already had a girlfriend — Priscilla Chan, now his wife — and he was obsessed with the internet. Google was great for searching for news and Wikipedia was great for searching for reference material, but there was a gap.

“There was no tool where you could go and learn about other people. I didn’t know how to build that so instead I started building little tools,” Zuckerberg told Döpfner.

He built a small tool called Coursematch where people could list what classes they were taking. He did build the Facematch tool, as seen in “The Social Network,” but that was just a prank, he says.

«

Rewrite of an interview with Die Welt am Sonntag (The World On Sunday).

Here’s how electric cars will cause the next oil crisis » Bloomberg BusinessWeek

Tom Randall:

»In the next few years, Tesla, Chevy, and Nissan plan to start selling long-range electric cars in the $30,000 range. Other carmakers and tech companies are investing billions on dozens of new models. By 2020, some of these will cost less and perform better than their gasoline counterparts. The aim would be to match the success of Tesla’s Model S, which now outsells its competitors in the large luxury class in the U.S. The question then is how much oil demand will these cars displace? And when will the reduced demand be enough to tip the scales and cause the next oil crisis?

«

A crisis in the form of a glut.

When the “Apple Encryption Issue” reached Piers Morgan » mobilephonesecurity

David Rogers does mobile phone forensics and teaches a mobile systems security course. Piers Morgan (who used to edit the Daily Mirror, which has apologised to some people for phone hacking) did however claim that he could take the FBI/Farook iPhone “to Tottenham Court Road [an electronics mecca in London] and they’d get into it” – suggesting that he might have confused carrier unlocking with PIN unlocking. Here’s Rogers on the tricky rapids to be navigated in deciding if we can force companies to unlock encrypted devices:

»Remember, someone who has actually committed a crime is probably going to say they didn’t do it. The phone data itself is usually more reliable than witnesses and defendant testimony in telling the story of what actually happened and criminals know that. I’ve been involved with digital forensics for mobile devices in the past and have seen first-hand the conviction of criminals who continually denied having committed a serious crime, despite their phone data stating otherwise. This has brought redress to their victim’s families and brought justice for someone who can no longer speak.

On the other side of course, we’re carrying these objects around with us every day and the information can be intensely private. We don’t want criminals or strangers to steal that information. The counter-argument is that the mechanisms and methods to facilitate access to encrypted material would fall into the hands of the bad guys. And this is the challenge we face – there is absolutely no easy answer to this. People are also worried that authoritarian regimes will use the same tools to help further oppress their citizens and make it easier for the state to set people up. Sadly I think that is going to happen anyway in some of those places, with or without this issue being in play…

…This is the same battle that my colleagues in the mobile world fight on a daily basis – a hole is found and exploited and we fix it; a continual technological arms race to see who can do the better job. Piers Morgan has a point, just badly put – given enough time, effort and money the San Bernardino device and encryption could be broken into – it will just be a hell of a lot. It won’t be broken by a guy in a shop on Tottenham Court Road (see my talk on the history of mobile phone hacking to understand this a bit more).

«


Apple’s $120M jury verdict against Samsung destroyed on appeal » Ars Technica

Joe Mullin:

»Apple’s second high-profile patent win against Samsung was appealed, just as the first was. And in an opinion (PDF) published today, a panel of appeals judges entirely wiped out Apple’s victory and its $120 million verdict.

The new decision found that out of three different patents Apple became famous for winning with, one wasn’t infringed and two of them are invalid.

The ‘647 patent described how to turn phone numbers and other software “structures” into links, allowing users to take actions like calling a number with one “click” rather than copying and pasting. The jury awarded Apple $98.7 million based on that patent, but the appeals judges today held that the patent wasn’t infringed at all. They held that “Apple failed to prove, as a matter of law, that the accused Samsung products use an ‘analyzer server’ as we have previously construed that term.”

Appeals judges also invalidated one of Apple’s most consistently ridiculed patents, the ‘721 “slide to unlock” patent. Jurors awarded $3 million based on infringement of that patent, but the appeals panel said the patent is invalid because of prior art.

«

This whole patent thing ends up as Bobby in the shower. “Patent trials? What patent trials?”


Six Hot Media Startups to Watch in 2016 » Al Jazeera America

Sadly this piece by @ProfJeffJarvis (in reality Rurik Bradbury) was deleted by Al Jazeera, which either didn’t recognise its satirical slant ahead of publication, or did and then got cold feet. But it’s still here at the Internet Archive, with gems like this:

»

The New Republic

The oldest startup here, it went through a significant reboot with its March 2012 purchase by Chris Hughes, tech mogul and co-founder of Facebook. It has since innovated so quickly that it is about to be re-rebooting under even newer ownership (name TBD), a great example of the rapid iteration that is characteristic of the best startups.

Instead of the old questions about subjective, qualitative measures, Chris Hughes brought in Yahoo! wartime consigliere Guy Vidra to ask fresh questions, such as: How well did this piece travel? And does this meme even lift our metrics?

I’m excited to see the New New The New Republic, and hope they re-embrace Walter Lippmann’s original mission of nextifying the bewildered herd using hot takes.

«

Nextify your thinkfluencing.


(UPDATE: China, too!) Korean Galaxy S7 to go without Samsung branding on front » AndroidAuthority

Matthew Benson:

»Carrier branding is arguably the bread-and-butter of free promotion: crudely referred to by some as a so-called “tramp stamp” these images tend to irritate customers who would prefer their devices to be free of all superfluous clutter. Even so, manufacturer branding tends to crop up most everywhere, be it the infamous HTC “black bezel bar” or the ever-visible under-the-earpiece location that companies like Samsung opt for.

Strange then, that Samsung’s South Korean website has pictures of its new Galaxy S7 and Galaxy S7 Edge…devoid of such a front-facing claim to fame. Take a look:

The front Samsung logo is clearly missing from the image. In fact, it’s missing from all the renders pictured, yet the rear logo is clearly present, as can be seen above.

«

Subtle messaging: Samsung really does seem to be getting rid of the visible “Samsung” name on the front of the device in China, Japan and Korea. In the first two, it has struggled recently to keep sales up in the face of competition. But why Korea? And is this an evolution of its branding (more confident) or is it concern?


Invisible porn-clicking trojans invade Android’s Google Play store » Tripwire

Graham Cluley:

»many bogus versions of a wide range of apps (ranging from Toy Truck Rally to Subway Surfers 2 to GTA San Andreas and Tinder) have been distributed by fraudsters who wish to use your bandwidth to earn themselves affiliate income by clicking on adverts for pornographic websites.

Of course, if the apps popped up a copy of the Chrome browser to click on the X-rated ads then chances are that you would notice something unusual was afoot. Criminals have learnt from experience that announcing their presence so obviously only hinders their money-making plans.

So, in the case of “Porn Clicker”, the apps spin up an invisible browser window – meaning that any ad-clicking is invisible to the naked eye. And then, a minute or so later, it clicks again.

The money soon begins to earn cash for the criminals – which is a truth especially evident when you consider that some of the bogus apps have been downloaded thousands of times.

«

Android is following exactly the same malware growth path as Windows did on the desktop.


Android phones are easier for police to crack than iPhones » CNN

Jose Pagliery:

»A Google spokesman said that encryption is now required for all “high-performing devices” – like the Galaxy S7 – running the latest version of Android, Marshmallow. But only 1.2% of Android phones even have that version, according to Google.

By comparison, most Apple products are uniformly secure: 94% of iPhones run iOS 8 or 9, which encrypt all data. Apple makes its devices, designs the software, and retains full control of the phone’s operating system.

“If a person walks into a Best Buy and walks out with an iPhone, it’s encrypted by default. If they walk out with an Android phone, it’s largely vulnerable to surveillance,” said Christopher Soghoian, the principal technologist at the American Civil Liberties Union.

New York City’s top prosecutor, Cyrus Vance, has noted that Android phones have been easier to crack in the past, especially because Google can reset passcodes on older models.

Android is running on 105 million Americans’ smartphones — slightly more than the number of iPhones in the United States, according to industry trackers at comScore.

But there are ways in which an Android phone could actually be made more secure than an iPhone.

Android software can be tweaked to add all sorts of security features, like a password for a particular messaging app.

Google’s operating system also starts up only after the phone’s owner enters a passcode. That’s not true for the iPhone, which starts up as soon as you hit the power button. That’s an important detail: When confronted with a locked iPhone, police can take it to a trusted Wi-Fi connection and potentially copy the phone’s contents to iCloud on Apple’s computer servers, where investigators can then comb through the data.

Android phones won’t back up to the cloud until they’re unlocked.

«



Has Apple been neglecting politics? » tofias dot net

Michael Tofias:

»To understand Apple’s efforts at persuading legislators of various issues, I compiled a measure of political footprint which combines a company’s own federally registered lobbying expenditures from 2015 with the campaign contributions they made during the 2013-14 election cycle from their corporate PAC as well as any employees who made campaign contributions (and listed their employer). This data comes from the Center for Responsive Politics.

In 2015, Apple spent $4.48m on lobbying efforts and while they don’t maintain a PAC for campaign contributions, Apple employees gave a combined $130,579 in FEC-regulated campaign contributions. This adds up to a $4.61m political footprint.

In contrast, Apple’s main rival in the market for smartphones, Google, spent $16.7m on lobbying in 2015, gave $1.65m in campaign contributions via its PAC, and another $2.25m via employees during the 2013–14 election cycle for a combined $20.5m political footprint – over four times the size of Apple’s.

Apple’s political footprint is also on the small side when compared to other large companies (as measured by market capitalization on December 31, 2015 as reported by YCharts).

«



Platforms, postcodes and pushing services live: a year in the life of our platforms team » UK Ministry of Justice Digital

»Many of our services need info about postcodes, such as what addresses they cover, where they are on the map and what admin areas they fall under.

A year ago each team had used a different commercial solution, with different charging models, so our first platform was a postcode lookup service.

This combines Ordnance Survey and government data to provide one authoritative way for our applications to look up information for any postcode.

«

Astonishing. This already exists in the outside world, with APIs so you don’t have to laboriously enter things by hand. And this was thought a good use of anyone’s time?


Errata, corrigenda and ai no corrida: none specified.

Start up: the smartphone slowdown, AirBnB ‘racism’, malware Bibles, Google lobbies and more


No longer big in Japan. Photo by Chris Blakeley on Flickr.

I know, you could sign up to receive each day’s Start Up post by email. But we’ll all be dead in 200 years, so why bother?

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Revealed: how Google enlisted members of US Congress it bankrolled to fight $6bn EU antitrust case » The Guardian

Simon Marks (Brussels correspondent) and Harry Davies (special investigations correspondent):

• Google’s co-founder and CEO Larry Page met the then European commission chief privately in California in spring 2014 and raised the antitrust case despite being warned by EU officials that it would be inappropriate to do so.

• Officials and lawmakers in Brussels say they have witnessed a significant expansion of Google lobbying efforts over the past 18 months as the company faces increased scrutiny of its business activities in Europe.

• Google has employed several former EU officials as in-house lobbyists, and has funded European thinktanks and university research favourable to its position as part of its broader campaign.

Capitol Hill’s aggressive intervention in Brussels came as the European parliament prepared to vote through a resolution in November 2014 that called on EU policymakers to consider breaking up Google’s online business into separate companies.

Republican and Democratic senators and congressmen, many of whom have received significant campaign donations from Google totalling hundreds of thousands of dollars, leaned on parliament in a series of similar – and in some cases identical – letters sent to key MEPs.

Lobbying is entirely fair play; it’s only stupid not to do it. Microsoft is certainly behind lobbying efforts against Google in the US and Europe. It’s the extent, and the subtlety, that’s so striking here.


Apple names Jeff Williams chief operating officer » Apple

Apple today announced that Jeff Williams has been named chief operating officer and Johny Srouji is joining Apple’s executive team as senior vice president for Hardware Technologies. Phil Schiller, senior vice president of Worldwide Marketing, will expand his role to include leadership of the revolutionary App Store across all Apple platforms. Apple also announced that Tor Myhren will join Apple in the first calendar quarter of 2016 as vice president of Marketing Communications, reporting to CEO Tim Cook.

Interesting on lots of levels:
– Jeff Williams has been COO-in-waiting for some time now; this simply cements it.
– Srouji has been on the chip side; elevating him like this shows the importance of chip design to Apple’s future
– putting Schiller in charge of the App Store looks like the end of a mini-power struggle inside Apple. As Rene Ritchie of iMore pointed out on the Blerg podcast (you listened, right?) responsibility for the App Store was effectively split among three people – Schiller, Eddy Cue and Craig Federighi.

Ritchie has a writeup on this change – definitely worth reading.


Cyber sacrilege at Christmas: Android malware hiding in Bible (and Quran) apps » Forbes

Thomas Fox-Brewster:

Security company Proofpoint isn’t revealing which exact Android apps are doing bad deeds, as it is going through the process of disclosure with the affected developers and vendors. It is instead revealing data on the number of malware or aggressive adware targeting the Google operating system. Proofpoint analyzed over 5,600 unique Bible apps (4,154 for Android and 1,500 for Apple’s iOS), including 208 that contained known malicious code and 140 were classified as “high risk” based on their behavior, all for the Android platform. Apple is evidently doing a good job of keeping out dangerous Bibles.

Kevin Epstein, VP of threat operations at Proofpoint, said those apps with known malicious behavior let attackers steal information from mobile devices, exploit zero-day vulnerabilities, possibly jailbreak or “root” a device, pilfer login credentials and communicate with IP addresses previously linked with rogue activity.

How is it that Apple is keeping out the dangerous ones, though? You’d assume it would be targeted just the same.


Discrimination against Airbnb guests » Ben Edelman

In an article posted today, Michael Luca, Dan Svirsky, and I present results of a field experiment on Airbnb. Using guest accounts that are identical save for names indicating varying races, we submitted requests to more than 6,000 hosts. Requests from guests with distinctively African-American names are roughly 16% less likely to be accepted than identical guests with distinctively White names. The difference persists whether the host is African American or White, male or female. The difference also persists whether the host shares the property with the guest or not, and whether the property is cheap or expensive.

Discrimination is costly for hosts who indulge in it. Hosts who reject African-American guests are able to find a replacement guest only 35% of the time.

On the whole, our analysis suggests a need for caution. While information can facilitate transactions, it also facilitates discrimination. Airbnb’s site carefully shrouds information Airbnb wants to conceal, such as hosts’ email addresses and phone numbers, so guests can’t contact hosts directly and circumvent Airbnb’s fees. But when it comes to information that facilitates discrimination, including name and photo, Airbnb offers no such precaution.

You can read the draft paper. I’ve seen no coverage of it at all. Update: I overlooked The Verge’s coverage of the paper. Apologies. (Recall the similar paper studying discrimination by buyers on eBay from the other day too.)


A botnet has been stealing billions through digital ads aimed at fake audiences » Social Media Today

Aaron Miles:

According to a recent report from ad-fraud prevention firm Pixalate, a sophisticated botnet has been leeching money from digital advertisers by serving up real ads to faked, highly-prized audiences. The botnet, nicknamed Xindi after some Star Trek bad guys, has, by Pixalate’s calculations, rung up something like 78 billion ad impressions so far. According to George Slefo of Adweek, Xindi “could cost advertisers nearly $3 billion by the end of 2016.”

The ingenious thing about the Xindi botnet is who it targeted. The infection was aimed at Fortune 500 companies, university computer networks, and other groups whose users are usually very sought-after by advertisers. Because the advertisers thought that they were reaching such a valuable audience, they were willing to pay much more, $200 per thousand impressions for some, which compounded the cost of the fraud and made things much more lucrative for the fraudsters.

The botnet also uses some sophisticated techniques to trick the protocols that normally check for ad fraud (see image below) and cover its tracks.

Billions of dollars. The scale is astonishing; and so is the ingenuity in how it evaded detection.


Emojis are no longer cool in Japan » Slate

Matt Alt:

The very first emojis appeared on a handset sold by the company J-Phone (now Softbank) in 1997, but high prices kept it out of the hands of average citizens. The direct ancestors of the emoji we know and use today debuted in Japan in 1999. And now? “The emoji boom is over here in Japan,” says Shigetaka Kurita, the man widely credited with creating the adorable little runes. “They’re still around, they’re still pervasive, but they aren’t a fad anymore,” he says in his Tokyo office. He ventures that when Obama mentioned emojis on the White House lawn, “I suspect most Japanese people’s response was, ‘wow, emoji are still popular over there!?’ ”

Extra irony: lack of emoji stalled interest in the iPhone in Japan too. Now it’s one of its best markets.


Elon Musk’s billion-dollar AI plan is about far more than saving the world » WIRED

Cade Metz:

We can’t help but think that Google open sourced its AI engine, TensorFlow, because it knew OpenAI was on the way—and that Facebook shared its Big Sur server design as an answer to both Google and OpenAI. Facebook says this was not the case. Google didn’t immediately respond to a request for comment. And Altman declines to speculate. But he does say that Google knew OpenAI was coming. How could it not? The project nabbed Ilya Sutskever, one of its top AI researchers.

That doesn’t diminish the value of Google’s open source project. Whatever the company’s motives, the code is available to everyone to use as they see fit. But it’s worth remembering that, in today’s world, giving away tech is about more than magnanimity. The deep learning community is relatively small, and all of these companies are vying for the talent that can help them take advantage of this extremely powerful technology. They want to share, but they also want to win. They may release some of their secret sauce, but not all. Open source will accelerate the progress of AI, but as this happens, it’s important that no one company or technology becomes too powerful. That’s why OpenAI is such a meaningful idea.



The smartphone lifetime challenge » Bob O’Donnell

In a recent survey of over 3,000 consumers across five countries (US, UK, Germany, Brazil and China) conducted by TECHnalysis Research, consumers said they expected to replace their smartphones every 1.8 years. Now, on the surface, that seems fine, and probably in line with what people have done in the past. The problem is, in response to the same question about notebook PCs, people said they expected to replace those devices every 2.5 years.

In reality, however, notebook PC replacements occur closer to 5 years. In other words, people clearly aren’t good at estimating how long they plan to keep a device. To be fair, I don’t think smartphone replacement times will be double the 1.8-year lifecycle that they responded with, but I am certain they will be longer. And that is the crux of the challenge for the smartphone market.

As we saw first with PCs and then with tablets, once a market reaches the saturation point, then future growth becomes nearly completely dependent on refresh rate and lifecycle—how quickly (or not) you choose to upgrade what you have.

Things are going to get tight in the next few years in mature markets.


Xiaomi plays down sales target » OmniFeed

Gillian Wong and Eva Dou:

“This target [of 80m shipped in 2015, given earlier this year] is not the No. 1 priority for us,” Mr. Lei said on the sidelines of the World Internet Conference on Wednesday in the Chinese city of Wuzhen, when asked if Xiaomi could reach its smartphone sales target. “What we care about the most is the rate of customer satisfaction.”

Mr. Lei played down the sales target, saying he was “constantly pushed by everyone” to give the figure earlier this year.

He said in a statement in July that Xiaomi sold 34.7m smartphones in the first half of the year. Xiaomi sold 61.1m smartphones in 2014 and 18.7m in 2013.

The “80m” number is actually a reduction from the 100m or so that Xiaomi was hoping for back in March.


Errata, corrigenda and ai no corrida:

Start up: the smartphone generation, OLED for iPhone?, VR’s Atari moment, and more


A new paper says this might not be enough to give an accurate measurement of your blood. Oh, hello, Theranos, didn’t see you there. Photo by biologycorner on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.

A selection of 10 links for you. (Ooh, are those turkey sandwiches?) I’m charlesarthur on Twitter. Observations and links welcome.

The generation that doesn’t remember life before smartphones » Popular Mechanics

Jacqueline Detwiler:

Zac [aged 18] probably started developing memories around 1999, the year Napster upended the music industry by turning songs into sharable files that nobody owned. Or maybe in 2000, the year Google became Google. Regardless, he is part of the first generation of human beings who never really lived before the whole world was connected by pocket-sized electronic devices. These kids might never read a map or stop at a gas station to ask directions, nor have they ever seen their parents do so. They will never need to remember anyone’s phone number. Their late-night dorm-room arguments over whether Peyton or Eli Manning won more Super Bowl MVPs will never go unsettled for more than a few seconds. They may never have to buy a flashlight. Zac is one of the first teenagers in the history of teenagers whose adult personality will be shaped by which apps he uses, how frequently he texts, and whether he’s on Facebook or Instagram or Twitter or Snapchat. Or whatever comes after Snapchat. Clicking like, clicking download, clicking buy, clicking send—each is an infinitesimal decision in the course of the modern American teenager’s life. They do this, collectively, millions of times a minute. But together these tiny decisions make up an alarming percentage of their lives. This generation is the first for whom the freedom to express every impulse to the entire world is as easy as it used to be to open your mouth and talk to a friend.



Samsung Gear VR review: virtual reality finds its Atari moment » WSJ

Geoffrey Fowler:

unlike other phone-goggle contraptions, the Gear VR headset has its own motion sensors, so it does a much better job of tracking your head movements when you’re turning or looking up. And it pushes the Samsung phone’s processor to cut motion delay to under 20 milliseconds, reducing the nausea-inducing blur. (My test Galaxy S6 Edge Plus worked so hard when mounted, it could blow through its huge battery with an hour or two of intensive VR.)

Other improvements also make Gear VR much more comfortable: The headset itself is less heavy—slimmed 19% from an experimental headset Samsung debuted last year. You can comfortably fit glasses inside, and there’s also a focus adjustment that makes the view more pleasurable for aging eyes.

Yet there’s still some discomfort. Wearing anything on your face for an hour can get old. Also, I occasionally encountered what appeared to be a flicker in the brightest parts of the screen. (Samsung says that’s rare, and has to do with the way my brain processes the screen refresh itself.)



Home Office meeting re IPBill » RevK’s rants

Adrian Kennard (who runs an internet service provider) went to talk to MPs about their Draft Investigatory Powers bill:

At the start of the briefing the bill was explained, and we heard a story very similar to Theresa May’s comments along the lines of:-

“Consider the case of a teenage girl going missing. At present we can ask her mobile provider for call records before she went missing which could be invaluable to finding her. But for Internet access, all we get is that the Internet was accessed 300 times. What would be useful would be to know she accessed twitter just before she went missing in the same way as we could see she made a phone call”

Now, I am sure this is a well-practised speech, used many times before. I am sure the response has been nodding of heads and agreement with how important “Internet connection records” are, obviously.

However, I, and other ISPA members immediately pointed out the huge flaw in this argument. If the mobile provider was even able to tell that she had used Twitter at all (which is not as easy as it sounds), it would show that the phone had been connected to Twitter 24 hours a day, and probably Facebook as well. This is because the very nature of messaging and social media applications is that they stay connected so that they can quickly alert you to messages, calls, or amusing cat videos, without any delay.

This seemed to fool them somewhat and they had no real answer – we were not just nodding and agreeing, and that was unexpected 🙂

Not much wisdom on any other point either – including whether he could be compelled to lie if he were to use a “canary” over search warrants.


Apple to adopt OLED display for iPhone from 2018 » Nikkei Asian Review

Apple plans to introduce organic light-emitting diode displays for iPhones starting in 2018, sending suppliers racing to fine-tune the technology and invest in capacity expansion.

In light of the decision, South Korea’s LG Display is already planning capacity upgrades. But securing enough panels for the more than 200m phones Apple ships globally every year will likely prove difficult. The US company is thus likely to opt for offering OLED iPhones alongside those using LCD screens.

There are technical challenges as well. The brightness, energy-saving capacity and other functions of OLED panels tend to degrade over time. Apple has begun consulting with display makers and their suppliers of manufacturing equipment about the technology. The companies will work over the next year or so to see whether those drawbacks can be eliminated and a stable supply of screens secured…

…Apple’s shift to OLED displays will have major implications for two Japanese suppliers – Sharp, which is scrambling to rebuild its faltering operations, and Japan Display, which relies on the technology giant for 30% of its business.

2018? That’s a long way off. Why not jump to AMOLED? (Note: LG is spending $8.7bn on a new OLED plant to begin production in the first half of 2018. Coincidence?)


New study spills doubt on some fingerprick blood tests » Ars Technica UK

Beth Mole:

Tiny blood droplets that leak successively from a pricked finger can have widely variable contents, researchers reported in the American Journal of Clinical Pathology. In some cases, test results on such finger-bled droplets had nearly eight times more variation than vein-harvested blood samples—the gold standard. Only when the authors tested upwards of five drops combined (60 to 100 microliters) were they able to get accurate results. The study raises concerns that new diagnostic tests that rely on blood drops may yield inaccurate results.

*turns slowly to look at Theranos*


OnePlus concedes that its USB type-C cables are out of spec, will offer refunds » Android Police

Ryan Whitwam:

Google engineer Benson Leung recently started a crusade against bad USB type-C cables, and one of the cables he warned people to stay away from is the one sold by OnePlus. Now OnePlus has responded to the uproar, saying that it will offer refunds to customers who purchased these cables. Well, you can apply for a refund. It’s not clear how long it’ll take.

The issue is that OP’s type-C cable and the type-C adapter both have a 10kΩ resistor, which as Benson Leung has been pointing out, is potentially dangerous to use with some devices. A proper type-C cable has a 56kΩ resistor, and OnePlus says it is in the process of designing a new version of its accessories that have this resistor. OnePlus’ Carl Pei stresses that the cable and adapter are safe to use with the OnePlus 2 because it only pulls 2A of current. However, a phone like the Nexus 5X or 6P draws 3A, and that can cause damage to the power source.

Seems like a big oversight to miss getting the correct resistor.


Reader’s Digest and other WordPress sites compromised to push Angler EK » Malwarebytes Unpacked

Jérôme Segura:

We’re seeing another uptick in WordPress compromises, using a slightly different modus operandi than the EITest campaign we recently blogged about, being responsible for a large number of infections via the Angler exploit kit.

The attack consists of a malicious script injected within compromised WordPress sites that launches another URL whose final purpose is to load the Angler exploit kit. Site owners that have been affected should keep in mind that those injected scripts/URLs will vary over time, although they are all using the same pattern (see IOCs below for some examples).

The website of popular magazine Reader’s Digest is one of the victims of this campaign and people who have visited the portal recently should make sure they have not been infected. The payload we observed at the time of capture was Bedep, which loaded Necurs, a backdoor Trojan, but that of course can change from day to day.

Solution: don’t read sites on desktop? (Thanks Ivan Ivanovich.)


Macbook charger teardown: the surprising complexity inside Apple’s power adapter » Righto

The wonderful Ken Shirriff, who does electronics teardowns of fabulous sophistication and insight:

The Macbook 85W charger costs $79 from Apple, but for $14 you can get a charger on eBay that looks identical. Do you get anything for the extra $65? I opened up an imitation Macbook charger to see how it compares with the genuine charger. From the outside, the charger looks just like an 85W Apple charger except it lacks the Apple name and logo. But looking inside reveals big differences. The photos below show the genuine Apple charger on the left and the imitation on the right.


Inside the Apple 85W Macbook charger (left) vs an imitation charger (right). The genuine charger is crammed full of components, while the imitation has fewer parts.

The imitation charger has about half the components of the genuine charger and a lot of blank space on the circuit board. While the genuine Apple charger is crammed full of components, the imitation leaves out a lot of filtering and regulation as well as the entire PFC [Power Factor Correction] circuit. The transformer in the imitation charger (big yellow rectangle) is much bulkier than in Apple’s charger; the higher frequency of Apple’s more advanced resonant converter allows a smaller transformer to be used.

Also included: a microprocessor with as much power as the original Mac.


The Telharmonium was the Spotify of 1906 » Atlas Obscura

Ella Morton:

Invented by lawyer Thaddeus Cahill and initially known as the dynamophone, the telharmonium made use of telephone networks to transmit music from a central hub in midtown Manhattan to restaurants, hotels, and homes around the city. Subscribers could pick up their phone, ask the operator to connect them to the telharmonium, and the wires of their phone line would be linked with the wires emerging from the telharmonium station. The electrically generated tunes would then stream from their phone receiver, which was fitted with a large paper funnel to help pump up the volume. (The electric amplifier had not yet been invented.) 

The music was generated live at what Cahill called a “music plant,” which was located at Broadway and 39th Street. An entire floor of the building, which came to be known as Telharmonic Hall, was filled with the 200 tons of machinery required to generate the telharmonium’s tunes. With its banks of spinning rotors, switchboards, transformers, and alternators, the behemoth instrument gave “the impression of nothing so much as a busy machine-shop, or the center of a considerable manufacturing industry,” according to a 1906 article in McClure’s Magazine.

“Facebook, invented by Thaddeus Zuckerberg…” Why isn’t anyone called Thaddeus anymore? Notice also that this is an American publication, yet it uses “Spotify” as its shortcut for “streaming service” rather than, say, Pandora.


Jonathan Mayer, well-known online security expert, joins F.C.C. » The New York Times

Natasha Singer:

Among digital security experts, Mr. Mayer is known, among other things, as the Stanford computer scientist who reported in 2012 that Google was bypassing privacy settings in Apple’s Safari browser by placing bits of code in digital ads that tracked the sites users visited. Google subsequently agreed to pay a $22.5 million fine to settle charges by the Federal Trade Commission that the company had misrepresented its privacy practices.

Now Mr. Mayer, 28, has a new handle: federal regulator.

On Tuesday, the Federal Communications Commission said it had hired Mr. Mayer as chief technologist in the agency’s enforcement bureau.

Impressive hiring.


Errata, corrigenda and ai no corrida: none notified.

Start up: who’ll exit PCs next?, Gwen Stefani v iCloud, Chrome vuln pwns Android, and more


A castle in Gibraltar lit up with the French colours in solidarity following the killings on Friday night. Photo by ollygringo on Flickr.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

“It’s War”: being a cop in post-Charlie Hebdo France » Matter on Medium

Mac McClelland lives with a French policier; the events of January 2015 changed things hugely:

These gendarmes had caught something early on in the TV footage that told them a very, very terrible event had transpired. The riot branch of the national police was visible in the background of the newscast. Usually, they carried only nine-millimeter handguns. Now they all had M14s.

Eight of Theo’s colleagues watched the cop’s killing on YouTube together. Theo’s dark, serious eyebrows raised in astonishment, then knitted together as he immediately went into analytical mode.

Their rifles aren’t fully automatic, he thought. They’re firing one shot at a time. That’s weird. They look trained, but not quite professional. The news was reporting that the suspects looked like professionals. No, Theo thought. They’re not checking their perimeter. Not the roofs.

His training permitted him to watch the violence more coldly than your average guy. But as his normally scheduled, 24-hour shift wore on, his professional distance vanished. “Gros fils de pute de merde,” he texted another gendarme he knew, a guy from a mobile intervention platoon.

There’s a sea change going on in how the police think of their job in modern France, McClelland suggests. (If you’ve seen the most recent series of the French policier series Engrenages – “Spiral” in the UK – you have a sense of it.)


What ISIS really wants » The Atlantic

Graeme Wood:

Our ignorance of the Islamic State is in some ways understandable: It is a hermit kingdom; few have gone there and returned. Baghdadi has spoken on camera only once. But his address, and the Islamic State’s countless other propaganda videos and encyclicals, are online, and the caliphate’s supporters have toiled mightily to make their project knowable. We can gather that their state rejects peace as a matter of principle; that it hungers for genocide; that its religious views make it constitutionally incapable of certain types of change, even if that change might ensure its survival; and that it considers itself a harbinger of—and headline player in—the imminent end of the world.

This is not a short read. But you will come away from it much, much better informed.


The dream life of driverless cars » The New York Times

Geoff Manaugh:

All of the glares, reflections and misunderstood signs that [Illah] Nourbakhsh [professor of robotics at Carnegie Mellon University] warned about are exactly what [London design studio] ScanLAB now seeks to capture. Their goal, [32-year-old Matthew] Shaw said, is to explore “the peripheral vision of driverless vehicles,” or what he calls “the sideline stuff,” the overlooked edges of the city that autonomous cars and their unblinking scanners will “perpetually, accidentally see.” By deliberately disabling certain aspects of their scanner’s sensors, ScanLAB discovered that they could tweak the equipment into revealing its overlooked artistic potential. While a self-driving car would normally use corrective algorithms to account for things like long periods stuck in traffic, [William] Trossell and Shaw instead let those flaws accumulate. Moments of inadvertent information density become part of the resulting aesthetic.

The London that their work reveals is a landscape of aging monuments and ornate buildings, but also one haunted by duplications and digital ghosts. The city’s double-decker buses, scanned over and over again, become time-stretched into featureless mega-structures blocking whole streets at a time. Other buildings seem to repeat and stutter, a riot of Houses of Parliament jostling shoulder to shoulder with themselves in the distance. Workers setting out for a lunchtime stroll become spectral silhouettes popping up as aberrations on the edge of the image. Glass towers unravel into the sky like smoke. Trossell calls these “mad machine hallucinations,” as if he and Shaw had woken up some sort of Frankenstein’s monster asleep inside the automotive industry’s most advanced imaging technology.



Gwen Stefani split shows cross-device sharing of naughty photos is new bane of the digital age » SiliconValley.com

Cross-device text and photo streaming was the undoing of Stefani’s cheatin’ heartthrob, when naked pictures of the nanny began popping up on the family iPad, US magazine uncovered this week. Like a lot of families, they evidently linked their mobile devices together – so a text or photo sent to one showed up on the others.

A lot of non-boldface names – many of them right here in switched-on Silicon Valley – have learned the same lesson the hard way. Apple customers frequently make their iCloud photo stream the default screen saver for Apple TV, transforming their selfies into 60in widescreen Ken Burns dissolves.

That’s what happened to Alex (who responded to a Facebook request for cringeworthy cases of cross-device photo streaming, but declined to give his last name). He took revealing pictures intended for his “certain someone,” then walked into the living room he shared with new roommates to find himself streaming in all his gaudy glory on the TV they were watching. “Let’s just say it made for some awkward dinner hours for a while,” he says.

“The future of TV is apps where you’ve definitely logged out first.” (Also, the Stefani case is just excruciating.)


BlackBerry Priv review: Android fixes the OS, but the hardware can’t compete » Ars Technica UK

Ron Amadeo is merciless:

With Google, Motorola, Xiaomi, and OnePlus pumping out high-end devices in the £200-350 range, pricing your Android phone at £560 is a boastful statement that you’ve made a kick-ass, no compromise device. The BlackBerry Priv can’t back up that kind of bragging, though, and that’s why it’s a failure. Other than the subpar keyboard and camera, everything on the Priv is merely passable. It’s a “C” student, but the price demands we grade on a curve that flunks the Priv.

Even at a competitive price of something like £350-£450, we’d be hard pressed to buy a phone with a hardware keyboard when the hardware keyboard is bad. The keys are small and flat, the keyboard is cramped, and hardware keyboard autocorrect is shoehorned into an operating system layout where it clearly isn’t welcome. Closing the Priv and using the more spacious software keyboard wasn’t just faster, it was a relief. That’s the real deal-breaker for the Priv—the hardware keyboard needed to be spectacular, and it isn’t.

His critique of the keyboard in particular is painstaking and murderous.


Five things I think journalism students need to know about technology » Medium

Martin Belam gave a talk to City University journalism students (lucky sods) and made five points. This is one of the subtler ones:

Treat every bit of content you publish to Facebook like an A/B test.
You post it to your page. If nobody interacts with it — by sharing or liking or commenting on it — it’s already failed. If the first few people to see it engage with it, then you have a chance that Facebook will show your content to more people.

So how can your piece pass that first test?

Ask yourself who is going to share that article, and why are they going to share it? If you can’t answer that question about your own story, you’ve done it wrong.

All worth considering (including the GIF one – which isn’t about how to pronounce it).


Two top PC vendors predicted to exit the market soon » Investors.com

Patrick Seitz:

As PC sales have shrunk in recent years, the top four vendors have consolidated market share. They are Lenovo, HP Inc, Dell and Apple, [IDC PC analyst Tom] Mainelli said. So the two companies likely to bow out of the PC market probably will be in the lower half of the top 10, he said.

The bottom six are Acer, Asus, Toshiba, Samsung, Tongfang and Fujitsu, Mainelli said.

“The most likely scenario is that two will simply leave the market,” Mainelli said. “I don’t expect there to be many acquisitions as the (top four) don’t gain much from buying anybody in the bottom half of the list. There will likely be much discussion about possible mergers among the rest, but I’m not sure that this course of action will play out.”

Tongfang?


Acer, Asustek will not die in global PC market, says Acer founder » Digitimes

Aaron Lee and Joseph Tsai:

In response to IDC forecasts that two of the top-10 international PC vendors will withdraw from the global PC market over the next two years due to unbearable operating losses and the two are possibly Acer, Asustek Computer, Toshiba, Samsung Electronics, Tsinghua Tongfang, or Fujitsu, Acer founder Stan Shih said that Acer and Asustek will not die due to lower overheads compared to other vendors.

Acer achieved net profits of NT$191m (US$5.84m) and EPS of NT$0.06 for the third quarter and the results were a lot higher than those of the previous quarter mainly due to an exchange income of NT$799m.

Shih noted that Acer’s third-quarter profits were seriously impacted by competitors’ buy-two-get-one-free promotions and Acer also chose to focus on digesting inventory in the quarter, knowing it would gain profits from exchange rates.

I’d not be surprised if Toshiba and Fujitsu pulled out; they’re losing money. Samsung is a long way from profitable scale too, but has the advantage of making key components such as the displays.

Acer’s PC business isn’t looking healthy, though.


Inquiring minds want to know… » Mountain View Police Department


This afternoon [12 November] a Mountain View Police Department traffic officer noticed traffic backing up behind a slow moving car traveling in the eastbound #3 lane on El Camino Real, near Rengstorff Ave. The car was traveling at 24 mph in a 35 mph zone. As the officer approached the slow moving car he realized it was a Google Autonomous Vehicle. The officer stopped the car and made contact with the operators to learn more about how the car was choosing speeds along certain roadways and to educate the operators about impeding traffic per 22400(a) of the California Vehicle Code. The Google self-driving cars operate under the Neighborhood Electric Vehicle Definition per 385.5 of the California Vehicle Code and can only be operated on roadways with speed limits at or under 35 mph. In this case, it was lawful for the car to be traveling on the street as El Camino Real is rated at 35 mph.

Just wanted to check the car wasn’t drunk, I guess.


Single Chrome exploit can compromise any Android smartphone » AndroidAuthority

John Dye:

A researcher at [security company] Qihoo 360 recently discovered an exploit in Chrome that can probably demolish even the newest, most up-to-date Android devices if the user visits an infected site.

The vulnerability was exposed at PacSec’s MobilePwn2Own event. What makes the exploit particularly unsettling is that it’s just one exploit, not an elaborate chain of exploits that interlink to reach an eventual compromise. Although the showcase did not go into the precise details regarding how the exploit works, it was revealed that it takes advantage of a vulnerability in JavaScript v8.

The researcher who discovered the exploit is Guang Gong, and PacSec will be rewarding Guang for uncovering and releasing the exploit by flying him to the CanSecWest security conference for a ski trip in March of 2016. In addition to this, Google will also likely pay a bounty for the bug’s discovery, as a Google security representative at the event took Guang’s work back for consideration.

Chrome will likely get fixed quickly, but is the vulnerability more widespread? Also, where are the stats about how those monthly security updates for Android are going? Anyone know?



Errata, corrigenda and ai no corrida: none today.

Start up: Google adds mobile ads, the sensing wearable, paying for snoops, and more


“Wait – that’s no moon!” Photo of the iPad Pro by portalgda on Flickr.

Something something receive each day’s Start Up post by email mutter mutter. Rhubarb rhubarb confirmation link mutter mutter.

A selection of 11 links for you. Curl up with them for the weekend. I’m charlesarthur on Twitter. Observations and links welcome.

Google’s efforts to monetize mobile pay off, but sites see a hit to organic visits » Search Engine Land

Andy Taylor notes that since August, there are now three ads rather than two before “organic” results on mobile phones in Google searches – and paid-for click-through rates (CTR) on ads have leapt accordingly:

One explanation is that some of the ads now getting impressions in the third spot above the organic results were already getting impressions below the organic results prior to the change. Thus, when the ads got the bump to the top of the page, the likelihood of a click went up substantially.

However, we see average position moving farther down the page, and Google is still showing ads at the bottom of the page, indicating that any ads that were moved up to the top were probably “replaced” at the bottom by additional ads. Thus, this probably isn’t causing the substantial improvement in mobile CTR we’re observing.

Rather, it’s possible that by adding a third text ad and pushing organic links even farther down the page, Google has broken the will of users who would have clicked on an organic link if they could find one at the top of the page but are instead just clicking ads because they don’t want to scroll down.

This would mean the addition of the third text ad may have pretty seriously impacted searcher behavior on phones, resulting in more ad clicks and spend headed Google’s way.

Just in case you were wondering how Google boosted its mobile revenue in the latest quarter, despite fewer than half of people doing one search per day on mobile. Taylor points to other methods too – very big “product listing ads” twice the size of earlier this month.


The iPad Pro: the start of something new » Tech.pinions

Ben Bajarin:

the most interesting observation I made was not how I used the tablet but how my oldest daughter, who is twelve, used the iPad Pro. She goes to a private school where each kid uses an iPad all day, every day. They use the iPad in every aspect of their education, from textbooks and learning materials, to real-time collaboration, notes, making movies during class, presenting, and much more. When we were checking out this school, we spent time watching kids use their iPads to do a range of things in the classroom. I was stunned by their fluency and efficiency. How fast they type, how quickly they multi-task between taking notes or a picture of the teacher’s notes on the board and then mark up their own notes on top of that. These kids were more literate with the iPad than many people I know who are highly technical, including myself. This ingrained literacy is the result of using a touch-based computer and the apps built on top of the mobile ecosystem, every day. After watching them for a day, I’m honestly not sure I could have accomplished as much as they did in as short of a time using a traditional laptop.

So I should not have been surprised when my daughter started playing with the iPad Pro for a few hours and came back and showed me all the things she had done: movies she made, photos she took outside (which she edited/mashed up using the different apps she also uses in creative projects at school) and taking advantage of the unique benefits of the Apple Pencil. With nearly everything she showed me, I had to ask her how she did it.

Do you really think she’s a future Surface user?


EM-Sense wearable knows what objects you’re touching » Digital Trends

Chloe Olewitz:

The human body is naturally conductive, so the electromagnetic noise that most electrical and electromechanical objects emit is propagated throughout the person touching it. Using a small, affordable radio-powered wearable, researchers at Disney and Carnegie Mellon University were able to develop a custom smart watch that detects the electromagnetic noise traveling through the body. Paired with their software definition system, the EM-Sense smart watch can identify what specific objects the wearer is touching at any given moment.

Examples of the EM-Sense’s detection capabilities are what really bring the technology to life. The main function allows the EM-Sense smart watch to simply identify objects, like a doorknob, a toothbrush, or a kitchen appliance. But that’s just the beginning. With a bit more development, EM-Sense’s creators think the technology could be used to automate frequent actions and augment important aspects of our daily routines.

Neat – definitely like the idea of your smartwatch or band being able to identify what you’re dealing with. (Beware the web page’s autoplay video, though.)


DynamicPricer PUP disables browser updates » Malwarebytes Unpacked

Pieter Arntz:

Although this one has been around for a while, DynamicPricer deserves some attention because of the different approach it uses compared to other Potentially Unwanted Programs (PUPs).

What’s different?

Where other adware applications look for sneaky ways to invade your up-to-date browsers or even install their own browser on your system, this one just installs an old version of Chrome and then disables the automatic updates for Chrome and Firefox.

As far as I could retrieve, the version of Chrome it installs dates back to February of 2014. My guess is because that was the first build that included an API to take actions depending on the content of a page, without requiring permission to read the page’s content.

So sneaky to prevent the upgrading.


Fossil Group to buy Misfit for $260m » WSJ

Yuliya Chernova:

Watchmaker Fossil Group Inc. has agreed to acquire startup Misfit Inc., a maker of wearable fitness trackers, for $260m.

Richardson, Texas-based Fossil Group has its Fossil and Skagen brands, and it licenses a host of others, including Michael Kors, Diesel and DKNY.

“If you don’t have a brand it is hard to be legit in this space,” said Sonny Vu, chief executive and co-founder of Misfit. He will become president and chief technology officer of connected devices for Fossil Group after the transaction closes, which Fossil expects before the end of the year.

Consolidation in the wearables space already?


Cloud computing promises fall short » WSJ

Angus Loten and Rachael King on the shift to on-demand off-premise cloud computing not quite being the nice elasticated experience companies expected:

Frank Sirianni, CIO of Fordham University, said the university recently shifted from using an on-premises version of Ellucian Inc. business software to the cloud version. Although he agreed to a three-year-deal, Ellucian sought to lock him in for a longer term with variable pricing from month to month and a minimum monthly charge. Mr. Sirianni said he opted for a fixed monthly price, in order to avoid paying more if the university used more computing cycles, but not less if usage declined. Fordham wanted more predictable software spending over the course of the year, he said.

Ellucian said it doesn’t comment on the specific pricing that any client may pay for its products or services. “Our focus is to deliver significant value in these arrangements and enable our customers to leverage their entire investment in technology and services by going to the cloud,” said a company spokeswoman.

Translation: “we don’t want to lose revenue when customers make this shift.”


YouTube and the attention economy » Music Industry Blog

Mark Mulligan points out that YouTube is the one to deal with because “Free music streamers – of which YouTube is the largest single component – comprise 92.5% of all music streaming users and just 32% of all streaming revenue.” So how to balance those numbers?

YouTube is not suddenly going to start delivering dramatically better music stream rates, largely because labels and publishers haven’t had the courage to demand the requisite fair share it should pay. Rights owners’ fears are understandable: one senior label executive recounted a YouTube negotiator saying ‘Don’t push us. Right now you don’t like us much and we’re your friend. Imagine what we’d be like if we weren’t your friend.’ Sooner or later bullying tactics need standing up to. But that will not be a quick process, regardless of the steps currently being taken behind the scenes.

So in the meantime artists and labels need to figure out how to get more out of YouTube in a way that complements the other ways they make money digitally. Put simply that means making more non-music video content to generate more viewing hours and thus more ad revenue from YouTube. Heck, they might even generate some YouTube subscription revenue some time. But do it they must, else they’ll forever be leaving chunks of YouTube money on the table.



Broadband bills will have to increase to pay for snooper’s charter, MPs are warned » Technology | The Guardian

Alex Hern:

For [Matthew] Hare [chief executive of ISP Gigaclear], the other major problem is that separating “metadata” from “content”, as the law mandates for the purposes of mass surveillance, is a very difficult technical challenge.

For a simple connection like a phone call, the difference is easy: information like the number dialled and length of the call is clearly metadata, while the audio transmitted over the line is clearly content. But for a typical internet user, a number of different services are being used at any one time, and they all blur the lines between the two categories.

“The web isn’t a single application, that’s the fundamental problem I’ve got,” Hare said. He outlined a common scenario: “A teenager is currently playing a game using Steam, that’s not a web application … and then they’re broadcasting the game they’re playing using something called Twitch. They may well also be doing a voice call where they’re shouting at their friends, and those are all running simultaneously. At any one time any of those services could drop in, drop out, be replaced.”

MPs discover it isn’t just a series of pipes.


TomTom to provide data for Uber driver app » TomTom

TomTom has signed a global, multi-year agreement to provide maps and traffic data for the Uber driver app.   

TomTom’s advanced map-making technology, combined with its world class traffic information, will ensure Uber has a seamless navigation experience, accurate arrival times and efficient journeys in more than 300 cities around the world.

“We are excited to provide Uber with our best-in-class location data,” said Charles Cautley, Managing Director Maps & Licensing at TomTom. “TomTom is a truly independent map provider with the platform for the future. With this platform, TomTom is the trusted partner for innovative and future proof location technology for the global automotive and consumer technology industry.”

Edging just that little bit further away from Google; surprised some that it didn’t go with Nokia’s HERE. TomTom is also a traffic and maps data supplier to Apple. Will Uber buy TomTom? Does Apple have a break clause if someone buys TomTom?


Experts still think uBeam’s through-the-air charging tech is unlikely » IEEE Spectrum

Lee Gomes:

In some regards, uBeam is already walking back some of the more extravagant claims it has made in the dozens of stories that have been written about it. A September piece in TechCrunch said uBeam “could power up your phone while it’s in your pocket when you’re at a café.” While that sort of ubiquitous charging would be appealing for its simplicity and convenience, experts consider it to be impossible on account of the line-of-sight nature of ultrasound waves.

A TechCrunch interview from Saturday concedes the point, saying, The system “requires a line of sight and can’t charge through walls or clothes.” The latest story, though, didn’t address the obvious discrepancy with the earlier account. The most recent story says uBeam could transmit up to 4 meters, far less than the 30 feet (9 meters) claimed in an earlier piece.

While the company has made several technical advances involving ultrasound, “the idea that uBeam is going to eliminate the need for wires is ridiculous,” said one person with knowledge of the situation.

Leaning towards IEEE Spectrum’s sources knowing more about this topic than Techcrunch’s.


I’m going to make Facebook’s AI predict what happens in videos » New Scientist

Yann LeCun is Facebook’s head of AI:

Q: Are there problems that you think deep learning or the image-sensing convolutional neural nets you use can’t solve?
JL: There are things that we cannot do today, but who knows? For example, if you had asked me like 10 years ago, “Should we use convolutional nets or deep learning for face recognition?”, I would have said there’s no way it’s going to work. And it actually works really well.

Q: Why did you think that neural nets weren’t capable of this?
JL: At that time, neural nets were really good at recognising general categories. So here’s a car, it doesn’t matter what car it is or what position it is. Or there’s a chair, there are lots of different possible chairs and those networks are good at extracting the “chair-ness” or the “car-ness”, independently of the particular instance and the pose.

But for things like recognising species of birds or breeds of dogs or plants or faces, you need fine-grained recognition, where you might have thousands or millions of categories, and the differences between the different categories is very minute. I would have thought deep learning was not the best approach for this – that something else would work better. I was wrong. I underestimated the power of my own technique. There’s a lot of things that now I might think are difficult, but, once we scale up, are going to work.



Errata, corrigenda and ai no corrida: Satya Nadella uses a Lumia 950 XL.

Start up: Google open-sources machine learning, Adele v streaming, Facebook’s Belgian problem, and more


Steve Reich’s Piano Phase, as a video, by Alexander Chen.


A selection of 9 links for you. Made without nuts. I’m charlesarthur on Twitter. Observations and links welcome.

Preserving security in Belgium » Facebook

Alex Stamos works on online security for Facebook, while a Belgian court has ruled that the “datr” cookie it uses is not legal. Stamos isn’t happy:

The reason I’m bullish on the datr cookie is because for at least the last five years we have used it every day to defend people’s accounts through the following actions:
• Preventing the creation of fake and spammy accounts
• Reducing the risk of someone’s account being taken over by someone else
• Protecting people’s content from being stolen
• Stopping DDoS attacks that could make our site inaccessible to people

If the court blocks us from using the datr cookie in Belgium, we would lose one of our best signals to demonstrate that someone is coming to our site legitimately. In practice, that means we would have to treat any visit to our service from Belgium as an untrusted login and deploy a range of other verification methods for people to prove that they are the legitimate owners of their accounts. It would also make Belgian devices more attractive to spammers and others who traffic in compromised accounts on underground forums…

The datr cookie is only associated with browsers, not individual people. It doesn’t contain any information that identifies or is tied to a particular person. At a technical level, we use the datr cookie to collect statistical information on the behavior of a browser on sites with social plugins, such as the Like button, to help us distinguish patterns that look like an attacker from patterns that look like a real person.

Tricky.


Why streaming doesn’t really matter for Adele » Music Industry Blog

Mark Mulligan:


Looking at mid-year 2015 consumer data from the US we can see that music buyers (i.e. CD buyers and download buyers) are still a largely distinct group from free streamers (excluding YouTube). While this may seem counter intuitive it is in fact evidence of the twin speed music consumer landscape that is emerging. This is why ‘Hello’ was both a streaming success (the 2nd fastest Vevo video to reach 100m views) and a sales success (the first ever song to sell a million downloads in one week in the US). These are two largely distinct groups of consumers.

As a reader of this blog you probably live much or most of your music life digitally, but for vast swathes of the population, including many music buyers, this is simply not the case. Given that the mainstream audience was so key to ‘21’s success we can make a sensible assumption that many of these will also fall into the 27% of consumers that buy music but do not stream.

This is also why it was so tricky for Apple to move into streaming: lots of iTunes users simply don’t. And also why Adele’s audience and prospects are very different from Taylor Swift’s.


Facing pressure in China, Xiaomi also stalls in India » The Information

Amir Efrati:

the domestic Chinese market has slowed, while Xiaomi has dropped to No. 2 there after Huawei Technologies in terms of market share for the third quarter of this year, according to research firm Canalys.

The results in India seem to bear out the bear thesis on Xiaomi’s expansion plans: that it will be harder to succeed outside of China because it would have to work within the bounds of Google’s version of Android, where it can’t customize the software—and run an app store—the way it does inside of China, where Google mobile apps are almost completely absent.

In India, Xiaomi is “just another low-cost phone hardware company,” says one rival executive.

One Indian e-commerce executive whose firm sells smartphones says Xiaomi has “stagnated” online and that sales of Samsung and Motorola phones were much stronger during a recent period of online promotions known as “Big Billions Days.” Xiaomi, bucking its traditional practice of selling phones only online, has been willing to sacrifice some margin and sell phones through some retail stores in India.

If you have to offer Google Mobile Services, in the end your differentiation will be whittled away.


Tim Cook: Apple CEO on the company’s latest venture – the iPad Pro » The Independent

David Phelan bagged an interview while the Apple chief was in London:

The iPad Pro is the most expensive tablet yet, £679 and up. At a time when iPad sales are flat, was he tempted to do as some competitors have done and released, say, a £50 tablet? “No, there are no good £50 tablets. We’ve never been about making the most, we’ve been about making the best. This was a way of making a product that people can do a lot of things with. I think it will attract a lot of PC users and people who are not currently using Apple products. And I think it will be a reason for people to upgrade who love iPad and who have been waiting for something very different and now here it is.”

Along with the Pencil, there’s a keyboard cover. Cook says it’s different from rival keyboards because with none of those would you say it “came from the same parent” as the tablet itself. “Now all of a sudden you have a keyboard that has been perfectly designed for the iPad, it’s integrated and then you’ve got the software with split view and it’s inherently very productive. I’m travelling with the iPad Pro and other than the iPhone it’s the only product I’ve got.” 

You have to love Cook’s rejection of “why did you do a stylus?” “It isn’t a stylus, it’s a Pencil.” Hear the capital. And his description of his youth as a trombone player is hilarious.


DTEK by BlackBerry » Android Apps on Google Play

Interesting move by BlackBerry: DTEK looks at how often and to what extent other apps have been accessing your location, contacts and so on:

In this world of interconnected apps and networks, controlling what is shared and who it’s shared with can be a challenge. BlackBerry® DTEK for Android™ allows you to view and improve your privacy level and monitor application access to your camera, microphone, location and personal information. Take control with DTEK by BlackBerry.
Key Features:

• Monitor – Know at a glance the overall security rating for your device, as well as for specific security features. You can identify whether or not you need to take any action to improve the security of your device.

And so on. For Android 5.0 and up; seems like it would be a useful app for anyone on Android. Certainly some of the folk at UTB blogs found Facebook taking amazing liberties – such as Facebook accessing the phone location 561 times in 60 hours. That’s roughly every 6 minutes. You were asking about your battery life? (Apparently there’s a version coming for iOS too.)


TensorFlow: smarter machine learning, for everyone » Official Google Blog

Sundar Pichai:

It’s a highly scalable machine learning system—it can run on a single smartphone or across thousands of computers in datacenters. We use TensorFlow for everything from speech recognition in the Google app, to Smart Reply in Inbox, to search in Google Photos. It allows us to build and train neural nets up to five times faster than our first-generation system, so we can use it to improve our products much more quickly.

We’ve seen firsthand what TensorFlow can do, and we think it could make an even bigger impact outside Google. So today we’re also open-sourcing TensorFlow. We hope this will let the machine learning community—everyone from academic researchers, to engineers, to hobbyists—exchange ideas much more quickly, through working code rather than just research papers. And that, in turn, will accelerate research on machine learning, in the end making technology work better for everyone. Bonus: TensorFlow is for more than just machine learning. It may be useful wherever researchers are trying to make sense of very complex data—everything from protein folding to crunching astronomy data.

No quibbles: this is excellent news. Main site is http://www.tensorflow.org. Written in Python; binaries available for Linux and Mac. I’m sure there’s another desktop OS, isn’t there?


RECONSIDER » Medium

David Heinemeier Hansson (he usually goes by “DHH”), who founded Basecamp which – yawn! – is just mildly and continually successful:

it’s hard to carry on a conversation with most startup people these days without getting inundated with odes to network effects and the valiance of deferring “monetization” until you find something everyone in the whole damn world wants to fixate their eyeballs on.

In this atmosphere, the term startup has been narrowed to describe the pursuit of total business domination. It’s turned into an obsession with unicorns and the properties of their “success”. A whole generation of people working with and for the internet enthralled by the prospect of being transformed into a mythical creature.

But who can blame them? This set of fairytale ideals are being reinforced at every turn.

Let’s start at the bottom: People who make lots of little bets on many potential unicorns have christened themselves angels. Angels? Really?



Piano Phase » Alexander Chen

This site is based on the first section from Steve Reich’s 1967 piece Piano Phase. Two pianists repeat the same twelve note sequence, but one gradually speeds up. Here, the musical patterns are visualized by drawing two lines, one following each pianist.

The sound is performed live in the browser with the Web Audio API, and drawn in HTML5 Canvas.

This is really wonderful. Chen is a creative director at Google Creative Lab – he has done lots of other visualisations of music.


The consumerization of the automobile supply chain » DIGITS to DOLLARS

Jonathan Greenberg:

Last week I saw an interesting post on Venture Beat about Acer Launching an Electric All-Terrain Vehicle [quad bike, for UK readers]. This struck a chord because Taiwan-based Acer is a manufacturer of PCs and other consumer electronics (CE) devices. Acer is one of the most prominent companies in Taiwan’s CE complex, which builds almost all of our consumer gadgets. They are closely tied to some of the industry’s most important ODMs, component vendors and contract manufacturers. It is not that surprising to see a consumer electronics giant diversify into higher priced devices as they move up the value chain. However, if you don’t look at Acer as a device maker, but instead view them as a flagship of the Taiwanese electronics industry, the announcement has broader implications.

You can see where this is going, can’t you?


Errata, corrigenda and ai no corrida: none reported.