This was when the fridge calendar worked. Photo by Kaeru on Flickr.
You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam.
A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.
The joy of getting hacked » Waxy.org
A quick ‘top’ revealed that MySQL was pegging the CPU, so I logged into the MySQL console and saw that a dump of the database was being written out to a file. This was very unusual: I never schedule database backups in the middle of the day, and it was using a different MySQL user to make the dumps.
Then I noticed where the mysqldump was being written to: the directory for a theme from a WordPress installation I’d set up the previous month, an experiment to finally migrate this blog off of MovableType.
This set off all my alarms. I immediately shut down Apache and MySQL, cutting off the culprit before they could download the dumped data or do any serious damage.
I’d recently updated to the latest WordPress beta, and saw that the functions.php file in the twentysixteen theme directory was replaced with hastily-obfuscated PHP allowing arbitrary commands to be run on my server through the browser.
I’ve had this sort of experience in the past – also with WordPress. It’s a total pain.
Baio points out though that the real weakness was probably not WordPress, but PhPMyAdmin, which is even worse in terms of security vulnerabilities. If you’re running it, delete it.
link to this extract
China’s hippest smartphone maker warns shakeout will get worse » Bloomberg Business
OnePlus, based in Shenzhen, is aiming for similar glory. After originally requiring customers to get an invitation before buying a phone, OnePlus is dropping that approach to broaden its appeal and raise its brand awareness in the U.S., Europe and India. The company says it earned $300m selling nearly 1m phones last year, but won’t reveal figures for this year.
Sales have increased to about 1.3m units worldwide in the first nine months of this year, with 57% sold in the Asia Pacific region, according to Jensen Ooi, an analyst at IDC Corp.
“2016 is the year that a lot of people will be exposed to OnePlus,” Pei said, adding that the company is spending money on promotions like a pop-up store in New York’s Times Square to advertise their brand.
The trouble is that almost no one is making money in smartphones these days except Apple. That company alone gobbles up some 90% of industry profits.
“No one is going to get rich off smartphones in the short term,” he said.
OnePlus is probably making more money than HTC.
link to this extract
November 2014: Can’t sign in to Google calendar on my Samsung refrigerator » Google Product Forums
I have a Samsung RF4289HARS refrigerator. The Google calendar app on it has been working perfectly since I purchased the refrigerator August 2012. However, with the latest changes in Google Calendar API, I can no longer sign in to my calendar. I receive a message stating ” Please check your email in Google Calendar website”. I can sign in fine on my home PC and have no problem seeing the calendar on my phone. Perhaps this is a Samsung issue, but I thought I would try here first. Has anyone else experienced this problem and what was the solution?
Yes, other people certainly had experienced this problem. The solution? Er.. well, here’s a post from 18 November 2015:
After 2 years, I still cannot access my Calendar on my Samsung HRS4289……It says cannot connect to the server. I just got done with Samsung and they say, if it needs a software update, it will ‘come’…..that’s a freaking joke. I have software 2.550 loaded……Is there something I need to do to reestablish my calendar??…..this is so ridiculous. I’m more of a yahoo person and not really too familiar with google calendar except I did have it up and running…Ii do have a google calendar account….and it should be talking. Please be specific if there’s something I need to do. I’d really appreciate it. Very frustrating.
Anyhow, do tell me more about your plans to build an internet fridge – the ultimate zombie product.
link to this extract
Satoshi’s PGP keys are probably backdated and point to a hoax » Motherboard
there’s one really big problem with the case for Craig S. Wright as Satoshi: at least one of the key pieces of evidence appears to be fake. The “Satoshi” PGP keys associated with the Wired and Gizmodo stories were probably generated after 2009 and uploaded after 2011.
We say keys, because there are two entirely different keys implicated by Wired and by Gizmodo. And neither of them check out.
There is only one PGP key that is truly known to be associated with Satoshi Nakamoto. We’ll call this the Original Key.
Before we continue, we should note that the PGP keys are just one piece of the puzzle. When asked for comment, Gizmodo editor Katie Drummond said that the keys “are just one (relatively small) data point among many others, including in-person interviews and on-the-record corroboration.”
But the keys are important because they’re not just plain suspicious, there’s evidence of active, intentional deception with respect to the keys. (Wired’s Andy Greenberg pointed out that this was already in line with their article, which notes that Wright may have engaged in an elaborate, long-running deception).
Urgh. So much work, and a detail like this seems to sink it (although read on; key creation dates can be faked). The element that made me (as a journalist) wonder about the original story was that the details were leaked by someone who claimed to have “hacked Satoshi”. Really? And yet the characters in the story – far-flung, credible – equally point strongly to it being correct. That sort of detail doesn’t happen coincidentally.
Also, Leah Goodman – who wrote the original “not quite” Satoshi story – says the “hack” was being touted to journalists aggressively this autumn, apparently from a disgruntled employee of the latest “Satoshi”.
link to this extract
The dangers of setting VR expectations and valuations too high » Forbes
One report by Juniper Research forecasts 30m head-mounted display (HMD) shipments by 2020. That expectation includes a projection that 3m HMDs will ship by 2016 driven by video and gaming use cases. My biggest problem with this projection is that there is no one combination of players that can ship 3m units. Even taking Oculus, Sony, Samsung Electronics , and HTC Valve and all their HMDs [head-mounted displays] into account, the prices and volumes simply won’t be there for 3m units in 2016.
The reality will be much closer to 1 to 2 million units in 2016, and most of those will likely be Samsung Electronics’ Gear VR headsets, since the latest version will be shipping for $99 and be compatible with all of Samsung’s latest high-end phones. Oculus doesn’t have the manufacturing capacity or the price point (around $400-$500) to drive enough volume to help reach 3m units. The same goes for the Vive; they aren’t targeting to make it a high volume product. While we don’t know the price yet, we know it’s going to be more than the Oculus Rift and that will affect volume on its own, not to mention the fact that you need quite a bit of space to set it up. Sony and Samsung are the only two companies that really have the knowhow to potentially ship enough units to hit the million mark.
The global village and its discomforts — Design Fictions » Medium
Fabien Girardin suggests that new technologies bring their own anxieties with them:
Social network platforms act as an extension of our social practices. Like with any technological extension we are right to be fascinated by its power and scale. However, we too frequently choose to ignore or minimize the ‘amputations’ and implications they produce.
Or as French cultural theorist Paul Virilio would argue: “The invention of the ship was also the invention of the shipwreck.”
For instance, our capacity to record every moment of our lives comes with the high vulnerability of digital data. In fact, no machine can today read a 15 years old hard drive. It is ironic that we have the technological means to record and share our social lives, yet we all might suffer one day from ‘digital amnesia’.
Can Theranos CEO Elizabeth Holmes fend off her critics? » Bloomberg Business
Sheelah Kolhatkar and Caroline Chen:
Theranos isn’t the only diagnostic company to provide scant details on its technology. “The process has been suboptimal across the industry, but now I think we’re at the crossroads,” [John] Ioannidis [professor of medicine at Stanford, and author of a 2005 paper “Why Most Published Research Findings Are False”] says. “Theranos caught my attention early on because they had such vibrant media stories. Other companies just don’t make such claims. Today it’s Theranos. Tomorrow it may be another company.” He adds: “If you get the wrong test result, you could go down a path that could really destroy your life.”
Holmes says the company’s era of secrecy is over, and it’s inviting outsiders, including reporters, to try the tests for themselves. (For the record, the finger prick feels like a finger prick.) In December, she says, a group of independent medical experts will spend two days in Theranos’s lab to examine the technology, the data, and the regulatory filings, and can then talk publicly about what they found.
Looking forward to that. It would be fantastic if Theranos actually does have a super-cheap blood test; it could make a vast difference to diagnosis. But are the odds in its favour?
link to this extract
Focus by Firefox: content blocking for the open web » The Mozilla Blog
Denelle Dixon-Thayer, Mozilla’s chief legal and business officer:
We want to build an Internet that respects users, puts them in control, and creates and maintains trust. Too many users have lost trust and lack meaningful controls over their digital lives. This loss of trust has impacted the ecosystem – sometimes negatively. Content blockers offer a way to rebuild that trust by empowering users. At the same time, it is important that these tools are used to create a healthy, open ecosystem that supports commercial activity, instead of being used to lock down the Web or to discriminate against certain industries or content. That’s why we articulated our three content blocking principles…
…we’ve based a portion of our product on a list provided by our partner Disconnect under the General Public License. We think Disconnect’s public list provides a good starting point that demonstrates the value of open data. It bases its list on a public definition of tracking and publicly identifies any changes it makes to that list, so users and content providers can see and understand the standards it is applying. The fact that those standards are public means that content providers – in this case those that are tracking users – have an opportunity to improve their practices. If they do so, Disconnect has a process in place for content providers to become unblocked, creating an important feedback loop between users and content providers.
Disconnect is the company whose product was banned from Google Play for “interfering with” other apps. Disconnect formally complained in the EU in June, but hasn’t apparently done so with the FTC in the US.
link to this extract
EU explores whether Google, Yahoo should pay for showing online news snippets » Reuters
The European Union is looking into whether services such as Google News and Yahoo News should pay to display snippets of news articles, wading into a bitter debate between the online industry and publishers.
The European Commission, the EU’s executive, said on Wednesday it will consider whether “any action specific to news aggregators is needed, including intervening on the definition of rights.”
The move came as Brussels unveiled plans to loosen copyright rules in the 28-member bloc in order to allow citizens to watch more content online.
Dubbed the “Google Tax”, making online services pay to display news snippets has sparked fierce opposition from both the tech industry and some publishers.
Can’t see it ending well for those who want payment. It’s like banning people from deep linking: sounds great to people who haven’t used the internet.
link to this extract
Samsung, Micromax planning to discontinue 2G phones » Times of India
Writankar Mukherjee & Gulveen Aulakh:
Samsung and Micromax, the leading sellers of smartphones in India, are planning to discontinue so-called 2G phones and focus on devices that run on faster 3G and 4G networks as prices have dropped sharply for such handsets in the past year. Then there’s the Reliance Jio effect.
“The focus has shifted to 4G phones with telecom operators launching such services,” said Micromax Informatics chief executive officer Vineet Taneja. “4G models already account for 30% of our portfolio with 14 models and will increase to 20 by March.”
The imminent launch of 4G services by Reliance Jio Infocomm has prompted incumbents Bharti Airtel and Vodafone to launch their own high-speed networks in anticipation of competition. That coupled with falling prices has almost wiped out demand for handsets running on 2G.
Errata, corrigenda and ai no corrida: none notified.