Start up: hacked ATMs in Mexico, Cyanogen + Cortana, iPhone forecasts, Apple TV v consoles, and more

Posted on September 15, 2015 by charlesarthur

Content blockers are days away from going live with iOS 9. Photo by Dave Lanovaz on Flickr.

A selection of 10 links for you. Wash at 40 degrees. I’m charlesarthur on Twitter. Observations and links welcome.

Should police have the right to take control of self-driving cars? » Techdirt

Karl Bode:

Just how much power should law enforcement have over your self-driving vehicle? Should law enforcement be able to stop a self-driving vehicle if you refuse to? That was a question buried recently in https://assets.documentcloud.org/documents/2388355/rand-rr928.pdf (pdf) which posits a number of theoretical situations in which law enforcement might find the need for some kind of automobile kill switch:

“The police officer directing traffic in the intersection could see the car barreling toward him and the occupant looking down at his smartphone. Officer Rodriguez gestured for the car to stop, and the self-driving vehicle rolled to a halt behind the crosswalk.

Commissioned by the National Institute of Justice, the RAND report is filled with benign theoreticals like this, and while it briefly discusses some of the obvious problems created by giving law enforcement (and by proxy intelligence agencies) this type of power over vehicle systems and data, it doesn’t offer many solutions.

That’s quite a question. Then again, would you try to make a getaway in an SDC?
link to this extract

Intelligent machines: Making AI work in the real world » BBC News

Eric Schmidt – you know, the Google guy – wrote a piece for the BBC’s machine learning week. Most of it is blah. Then there’s this bit:

In the next generation of software, machine learning won’t just be an add-on that improves performance a few percentage points; it will really replace traditional approaches.

To give just one example: a decade ago, to launch a digital music service, you probably would have enlisted a handful of elite tastemakers to pick the hottest new music.

Today, you’re much better off building a smart system that can learn from the real world – what actual listeners are most likely to like next – and help you predict who and where the next Adele might be.

As a bonus, it’s a much less elitist taste-making process – much more democratic – allowing everyone to discover the next big star through our own collective tastes and not through the individual preferences of a select few.

This is being taken as a dig at Apple Music with its human-curated lists. Well, sure, but the “radio” function in Apple Music isn’t human-curated. And music choice “democratic”? Isn’t that how it already works?
link to this extract

iOS dev: why Apple TV is game over for Xbox One and PS4 » Forbes

Dave Thier:

It’s hard to imagine an immediate threat to Microsoft MSFT -0.93% Xbox One and Sony PS4 running games like Halo and Uncharted. But I talked to Jeff Smith, CEO of the popular Karaoke app Smule , and a developer who’s been with the iOS platform since the beginning. He says that Xbox One and PS4 fans shouldn’t be too quick to dismiss the Apple TV as a serious gaming contender. The key, he says, is that Apple is a developer-friendly platform, and that means more content, and, as iOS has shown, more quality content as well.

“We think it’s significant if you consider the console market today: it’s been a market where there have been high barriers of entry to get into that market,” Smith says. “You have to get Sony and Microsoft or Nintendo to get you on to the platform, you have to have a custom deal, and they’re all proprietary platforms. With Apple bringing tvOS, which is a subset of iOS, onto a console-like platform, we think it lowers the barrier of entry. And I think you’ll see a lot more developers on the console market than ever before.”

Suitably overdone headline, but it’s certainly a mistake to dismiss the Apple TV out of hand. It has an install base of 25m, which isn’t much (the PS3 and Xbox 360 are at about 70m, the PS4 and Xbox One rather less so far), but the next version will attract a lot more people. And you don’t need to pay to put a game on iOS.
link to this extract

Tracking a Bluetooth skimmer gang in Mexico » Krebs on Security

Brian Krebs:

“–Sept. 9, 12:30 p.m. CT, Yucatan Peninsula, Mexico: Halfway down the southbound four-lane highway from Cancun to the ancient ruins in Tulum, traffic inexplicably slowed to a halt. There was some sort of checkpoint ahead by the Mexican Federal Police. I began to wonder whether it was a good idea to have brought along the ATM skimmer instead of leaving it in the hotel safe. If the cops searched my stuff, how could I explain having ultra-sophisticated Bluetooth ATM skimmer components in my backpack?”

The above paragraph is an excerpt that I pulled from the body of Part II in this series of articles and video essays stemming from a recent four-day trip to Mexico. During that trip, I found at least 19 different ATMs that all apparently had been hacked from the inside and retrofitted with tiny, sophisticated devices that store and transmit stolen card data and PINs wirelessly.

In June 2015, I heard from a source at an ATM firm who wanted advice and help in reaching out to the right people about what he described as an ongoing ATM fraud campaign of unprecedented sophistication, organization and breadth. Given my focus on ATM skimming technology and innovations, I was immediately interested.

Krebs gets up to some amazing jaunts.
link to this extract

Google found guilty of ‘abusing dominant market position’ in Russia » WSJ

Olga Razumovskaya and Alistair Barr:

Google has been found guilty in a rapid Russian antitrust probe, a spokesperson for the country’s antitrust regulator told The Wall Street Journal.

In February, Russia’s Federal Antimonopoly Service opened a probe into Google for alleged anticompetitive practices related to how the company bundles apps with its Android mobile operating system.

The company was found guilty of “abusing its dominant market position,” but not of “unfair competition practices,” the regulator told The Wall Street Journal.

The Russian agency will have 10 business days to issue its ruling on the case in full. “We haven’t yet received the ruling,“ Google’s Russia spokeswoman said. “When we do, we will study it and determine our next steps.”

Form an orderly queue behind the EC, Canada and the rest, please, Russia. Also, how do you have dominance abuse but not unfair competition?
link to this extract

Cortana on Cyanogen: CEO Kirt McMaster on building the next great smartphone OS » IB Times

David Gilbert:

Cyanogen has not announced any partnerships with hardware manufacturers beyond what is already on the market, but to really reach the masses, it will have to partner with a well-known name – and for companies like Sony, HTC and LG, all struggling to make Android work, Cyanogen could be an enticing option.

Of course, with Microsoft’s Lumia range failing to capture any significant market share since the company bought Nokia’s mobile phone division, it, too, could be on the lookout for something new.

While McMaster tells it like it is about Microsoft’s smartphone woes, he says Microsoft is still a great company and builds great services, one of which is going to be key in building the next version of Cyanogen – and that is Cortana.

Microsoft’s digital personal assistant has grown significantly since it began life on the company’s smartphones and this summer had its biggest update to date when it was deeply integrated into Windows 10 and Microsoft’s Edge browser.

McMaster revealed that Cyanogen is working with Microsoft to deeply integrate Cortana into the next version of Cyanogen OS. This is key to catapulting Cyanogen into the mass market, he asserts: Cortana is currently available as an app on Android, but in order for it to make a real difference, it needs to be able to be integrated at the OS level so that its full potential can be leveraged.

So how would that work in a phone running Google services? Wouldn’t Cortana and ‘OK Google’ fight like cats in a sack?
link to this extract

Next up: iPhone preorder sales data » BTIG Research

Walter Piecyk:

The focus of investors is squarely on the number of phones that can be sold over the next three and a half months. Our estimate is that it can sell 80 million units in the December quarter versus a consensus view that expects little to no growth this year. We believe 3D touch is a much bigger deal that many think and wrote about that and our hands-on experience with all of Apple’s new products. (Link). Of course the bigger issue is that 70% of existing iPhone users are carrying 5s or older models, of which the 6 and 6S models are big upgrades. As we have discussed in the past, the lower hurdles to upgrade those phones in the United States could be a key driver of sales.

Last year at this time Apple shipped 74.5m phones; only Samsung has previously shipped 80m or more smartphones in a quarter (which it’s done four times).

link to this extract

Hands on with three iOS 9 content blockers: 1Blocker, Blockr and Crystal » TechCrunch

Sarah Perez:

ahead of iOS 9’s release, a number of companies and indie developers have been building content blockers of their own and testing them out with iOS 9’s sizable group of beta testers.

While many consumers will likely gravitate toward AdBlock Plus because of their familiarity with the brand’s name and reputation, there will be a good handful of new apps on the horizon as well, which are also worth a look.

As she says, you can choose from super-twiddly, a bit twiddly, and simple. I’d bet that simple will actually be the one people pick.

Meanwhile…
link to this extract

Advertisers complain about format & approval obstacles with iOS 9’s News app » Apple Insider

Roger Fingas:

Although publishers like CNN, Time, and Vox are making most of their content available in the app, some are said to be planning to offer a few dozen stories a day at most. Standouts in that sense include companies that depend on paid subscription models, such as the New York Times and Wall Street Journal.

Some ad executives have complained that common tools like real-time placement bidding aren’t in place for the News launch, and that Apple is requiring 48 hours notice before approving a campaign. The company is also allegedly demanding that pre-roll ads before video segments get their own approval.

Apple is moreover refusing to support Google’s DoubleClick ad platform. Edward Kim, a member of the online marketing company SimpleReach, argued to the Post that Apple is attempting to use News to build up iAd. That platform has struggled to gain ground in a market dominated by Google — whereas Google ads can reach virtually any device, iAd is unusable in some key spaces, like Android.

“Real-time placement bidding” is what quickly leads to malware and “bounce you out to App Store install” ads.
link to this extract

Google reveals plans to increase production of self-driving cars » The Guardian

Mark Harris (who has done so much great original reporting on this topic):

[Sarah] Hunter [head of Google X] also shared new details about how the existing driverless prototypes work. “All [the car] has is a ‘go’ button, a ‘please slow down and stop’ button and a ‘stop pretty quickly’ button,” she said. “The intention is that the passenger gets in the vehicle, says into microphone, take me to Safeway, and the car does the entire journey.”

Advertisement

Google’s self-driving cars currently require highly detailed maps of the areas they’re operating in, with centimetre accuracy of road features like lanes, roundabouts and traffic lights. They are also limited to 25mph so that Google could get them on to public roads without expensive and time-consuming crash tests. Even more importantly, they need safety drivers able to take control back in an instant if the system malfunctions. California is slowly working on regulations that will pave the way for the operation of completely driverless vehicles by the public.

All of this means that Google is unlikely to move its self-driving technology into full production any time soon. “We haven’t decided yet how we’re going to bring this to market,” admitted Hunter. “Right now, our engineers are trying to figure out … how to make a car genuinely drive itself. Once we figure that out, we’ll figure out how to bring it to market and in which way. Is it something that we manufacture at scale for sale to individuals? Or is it something that we own and operate as a service?”

Is it a taxi, a bus or an owned device? Seems trivial; actually gets to the heart of what a “car” is.
link to this extract

Start up: Uber’s China fight, Stagefright goes public, women and Apple, Wileyfox reviewed, and more

Posted on September 11, 2015 by charlesarthur

Feast your eyes: you’ll never see its like again. (Hopefully.) Photo by MarkGregory007 on Flickr.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Inside Uber’s fight with its Chinese nemesis, Didi Kuaidi » WSJ

Fabulous in-depth piece by Eva Dou and Rick Carew:

Both companies have sought to woo drivers with bonuses to those who rack up rides. Uber has offered larger bonuses in an effort to catch up in scale, earlier this year giving as much as 7,000 yuan weekly to Beijing drivers who completed a high number of rides—quadruple a traditional taxi driver’s wages, according to drivers. Both companies have bonuses for individual rides during peak times and smaller bonuses for individual achievements, such as referring friends or getting high ratings.

Now the challenge for both is keeping drivers and riders while weaning them off bonuses and coupons.

Yang Yang, a 33-year-old Uber driver in Beijing, says bonuses are increasingly difficult to get. He stays on the road 12 to 14 hours a day to qualify for the weekly bonus, using minty salves to stay awake.

The lure of bonuses has led drivers to game the system. Uber and Didi Kuaidi battle drivers who book fake rides—known as “brushing” in China. In brushing, the scammer will typically pose as both driver and rider, essentially paying himself multiple times to build up enough fake business to win a bonus.

Rings of scammers use specialized software bought online to rack up fake rides while they sit at home, drivers interviewed say. They say they get calls and texts from people offering to help them scam Uber for a fee. Didi Kuaidi is suffering less from the problem, according to drivers, as its lower driver bonuses are less of a draw.

I love how people find ways to game systems like this; it’s the thing that definitely keeps us a step ahead of the damn robots.
link to this extract

The Washington Post has begun blocking the ad blockers » BuzzFeed News

Matthew Zeitlin:

“Many people already receive our journalism for free online, with digital advertising paying only a portion of the cost,” a Washington Post spokesperson told BuzzFeed News.

“Without income via subscriptions or advertising, we are unable to deliver the journalism that people coming to our site expect from us. We are currently running a test using a few different approaches to see what moves these readers to either enable ads on The Washington Post, or subscribe.”

There’s a kind of Cold War brewing between publishers who say that ad blocking software cuts off the lifeblood of free media online, and readers who complain about pages crammed with garish ads and intrusive trackers, which make many sites bloated and slow to load.

Not sure it’s a cold war. It’s about to get a lot more heated: iOS 9 comes out next week, and the content blocking apps will all be lining up for it.
link to this extract

Android Stagefright exploit code released to public » Threatpost

Michael Mimoso:

[Joshua] Drake, vice president of platform research and exploitation at Zimperium zLabs, said in July the bug could affect more than 950m Android devices. He chose not to publish exploit code at the time, giving Google time to push patches to the Android Open Source Project and subsequently to handset manufacturers and carriers. He originally planned to release exploit code on Aug. 24.

Google, meanwhile, wasted no time in changing the way it releases security updates for Android, announcing at Black Hat that it would send monthly over-the-air updates its Nexus phones. The move was mirrored by others, including Samsung and LG, and the first Nexus updates included patches for Stagefright. Silent Circle also patched its Blackphone and Mozilla patched Firefox, which uses Stagefright code in the browser.

Stagefright is the name of the media playback engine native to Android, and the vulnerabilities Drake discovered date back to version 2.2; devices older than Jelly Bean (4.2) are especially at risk since they lack exploit mitigations such as Address Space Layout Randomization (ASLR) that are present in newer versions of Android.

The problem is that Stagefright is an over-privileged application with system access on some devices, which enables privileges similar to apps with root access.

When the tide goes out, you discover who’s been swimming naked, or hasn’t put on their security trousers.
link to this extract

Focusing on the full picture with data » FlowingData

Nathan Yau:

I don’t know the full context of this discussion, but in the interview below, Hans Rosling talks to media person Adam Holm about why we shouldn’t use the media to form our opinions about the world. Media person disputes. Rosling puts foot on table and says Holm is wrong.

This is terrific. Enjoy.

Rosling also gave a TED talk in 2014: “How not to be ignorant about the world“.
link to this extract

Wileyfox Swift: Brit startup budget ‘droid is the mutt’s nuts » The Register

Alun Taylor:

If someone asked me what my ideal smartphone would be I’d say one that costs no more than £120, has 16GB of storage, at least 2GB of RAM, a 5-inch IPS screen, a removable battery, two SIM slots, space for a microSD card, the best iteration of Android available (that’s the Cyanogen OS Android fork, in my opinion) and is waterproof.

There’s nothing revolutionary about the Swift’s design, it’s just smart and well made
Wileyfox’s new Swift actually fails to meet two of those criteria – the cost is £130, and there’s no waterproofing. But as we’ll see, considering the rest of the package, it’s very easy to forgive those two failings.

In an increasingly competitive market the Swift is up against the likes of the Motorola Moto G and Sony Xperia M4 Aqua, both of which we have reviewed recently. And both of which are rather more expensive at £189 (for the 2GB RAM version) and £199 respectively.

Along with price deflation, Android is splitting into niches, as well as software specialisation – such as the use of Cyanogen here. This is great value; it’s not going to sell in huge volumes (simply because of supply chain constraints) but it’s where the Android market is going.
link to this extract

Bullshit, selfies and Photoshopped smiles: Apple’s iPhone 6S announcement was a joke » Gadgette

Holly Brockwell is pissed off and she isn’t going to take it any more:

It’s no secret that I’m far from Apple’s biggest fan. In fact, despite what Reddit seems to think, I’m firmly Team Android. But that doesn’t mean I don’t give Apple credit where it’s due – it’s just that it seems to be due less and less these days. Last night’s announcement was their worst yet.

Her principal complaint seems to be “these things have all been done before!” along with “there was a Photoshop demo using a woman’s face!”. The “where were the women?” thing seemed to become a mini-meme on Twitter. Perhaps I was missing the bit where Jen Folse came out and demoed Apple TV entirely on her own. Or where a female doctor showed off the iPad Pro, again, entirely on her own. Or a female entrepreneur from Gilt showed what she could do on Apple TV. Sure, there were more men. But that’s true in pretty much any tech event.

My wife constantly quotes a friend says you can divide the world into drains and radiators – some suck you dry, some warm you up. I prefer radiators. Which is why I love this tweet from Lia Napolitano, who used to work on the Apple TV team, praising Folse, who still does.

You guys. Check out Jen Folse's Siri nail art. #womeninpower #womenindesign pic.twitter.com/EldZkI0yuG

— Lia Napolitano (@napolisaurusrex) September 10, 2015

link to this extract

Production of new 21-inch iMac begins, say Taiwan makers » Digitimes

Aaron Lee and Joseph Tsai:

Production of a new 21-inch iMac featuring a 4096 by 2304 screen kicked off in early September and will be launched in the fourth quarter, with shipments in the quarter estimated at 1.4m-1.5m units, according to Taiwan-based supply chain makers.

With shipments from existing iMac products, Apple’s overall all-in-one PC shipments could surpass those of Lenovo in the second half.

The sources pointed out that the new 21-inch iMac only has a limited change in industrial design, but is upgraded with better hardware specifications, especially the Ultra HD display.

This will probably be no more than a press release from Apple. The current 21in iMac is 1920 by 1080 pixels – so this is going to be an amazing screen.
link to this extract

Amazon finally stops selling the Fire Phone, as company adjusts its hardware strategy » GeekWire

Tricia Duryee:

It’s taken more than a year, but Amazon has finally exhausted its supply of Fire Phones.

At least that appears to be the case based on the phone’s product page, which now lists the device as “currently unavailable,” with an additional note in the buy box, stating: “We don’t know when or if this item will be back in stock.”

That’s true for both the 32GB and 64GB models.

A year ago I calculated that no more than 35,000 had been sold. I wonder what the final number was.
link to this extract

Electronic noise is drowning out the Internet of Things » IEEE Spectrum

Mark McHenry, Dennis Roberson and Robert Matheson:

it is expensive to trace RF [radio frequency] pollution to a source and, when you do, it is often challenging to get offenders to stop offending.

The coming Internet of Things is going to make things worse. Much worse. It will do so by adding complex RF-control chips to countless common devices, like door locks, light switches, appliances of every type, our cars, and maybe even our bodies, which will enable them to connect to the Internet. Each of these chips is a potential source of noise. Plenty of technological fixes are available, of course, but the huge number of chips means that manufacturers will be more reluctant to add costly shielding and other noise-muffling features to their products. Silence is golden: It costs money to get it.

link to this extract

Apple promo video confirms the 6s has a smaller battery » TechCrunch

Fitz Teppper:

a 3D Touch promotional video released by the company seems to confirm that the 6s will indeed have a smaller battery than the iPhone 6. Specifically, GSMArena discovered that the video shows a shot of the battery marked “1715 mAh”, which is less than the iPhone 6’s 1810 mAh battery.

The extra space gained from reducing the device’s battery is most likely being used to fit new, larger components like the Taptic Engine and Force Touch-enabled display.

It’s important to note that this doesn’t mean the device will provide fewer hours of usage. In fact, Apple’s specs on the 6s show that the device will have the exact same talk, Internet browsing, and video playback time as its predecessor. This is most likely due to increased power efficiency in the new phone.

In my (beta) experience, iOS 9 has better battery life than iOS 8. Have to see how the rest of it plays out. Safe bet though that “smaller battery!” will be found in the comments sections of many blogs in the days – months even – to come.
link to this extract

Start up: Chrome v Flash (and Google v iOS 9), HTC delays Vive, streaming’s true problem, and more

Posted on August 31, 2015 by charlesarthur

Suggested caption: “I wish I’d never mentioned the bloody sealion”. Can a computer do better? Picture from MCAD Library on Flickr.

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Google makes it official: Chrome will freeze Flash ads on sight from Sept 1 » The Register

Shaun Nichols:

Back in June, Google warned that, in cooperation with Adobe, it would change the way Flash material is shown on websites.

Basically, “essential” Flash content (such as embedded video players) are allowed to automatically run, while non-essential Flash content, much of that being advertisements, will be automatically paused.

As we explained a couple of months ago, it’s effectively taking Chrome’s “Detect and run important plugin content” feature, and making it the default: only the “main plugin content on websites” will be run automatically. That should put a stop to irritating ads around the sides of pages.

Google’s reasoning for the move is largely performance-based, apparently. The Chocolate Factory worries that with too many pieces of Flash content running at once, Chrome’s performance is hamstrung, and, more critically, battery life is drained in notebooks and tablets running the Flash plugin.

A performance and battery hit? From Flash? I’m shocked, shocked to hear of such a thing.
link to this extract

Handling App Transport Security in iOS 9 » Hacker News discussion

Remember the Google Ads blogpost from last week explaining how developers could enable non-HTTPS ads to show on iOS 9, which enforces (almost) HTTPS? The discussion on Hacker News include some who’ve been in the trenches:

At my last job, we did something similar to what iOS 9 is now doing, where we migrated a survey engine to serve all forms over https. There was high fiving and champagne all around the engineers desks, while media was freaking out that their impressions took the sharpest reverse-hockey-stick in the world. Ad networks are seriously the worst when it comes to https traffic. Given the dozens of redirects and pixel injections and iframes slapped into a media page, it’s nearly impossible to serve secure traffic since it only takes one network to downgrade the https request to http and then the page is “broken”.

Other comments provide useful insight too.
link to this extract

The wait for HTC’s Vive VR headset just got longer » ReadWrite

Adriana Lee:

Other projects and software features are likely in the works [from Oculus Rift] as well. (We may know more at the Oculus Connect 2 developer conference in Los Angeles next month.)

There’s also increasing competition from VR hardware startups and other (bigger) competitors eyeing virtual and augmented reality—including Sony, Google, Samsung and Microsoft. Apple may also be pursuing virtual and augmented reality behind closed doors.

All of which makes HTC’s decision to delay the Vive’s consumer release rather risky—especially if the company is relying on this initiative to make up for its flagging smartphone business. For end users and developers, however, the scenario points to something else: Next year is going to be absolutely huge for all realities virtual.

Can HTC hang on long enough to ride that wave? Testers say it’s terrific quality. Most valuable asset?
link to this extract

Chromebooks gaining on iPads in school sector » The New York Times

Natasha Singer:

In terms of the sheer numbers of devices sold, however, Microsoft remained in the lead. In 2014, about 4.9m Windows devices, including notebooks and desktops, shipped to schools, giving Microsoft a roughly 38% market share in unit sales, IDC said.

Apple, meanwhile, shipped about 4.2m devices for schools, including desktops, notebook computers and tablets, accounting for about 32% of the education market, according to the report.

But the Chromebook category is fast gaining traction in the United States.

Last year, about 3.9m Chromebooks were shipped in the education sector, an increase in unit sales of more than 310% compared with the previous year, IDC said. By contrast, iPad unit sales for education fell last year to 2.7m devices, compared to 2.9m in 2013, according to IDC data.

“Even if Microsoft is No. 1 in volume and Apple is No. 1 in revenue, from the growth perspective, nobody can beat Chromebook,” said Rajani Singh, a senior research analyst at IDC who tracks the personal computer market and is the author of the report.

In the first half of this year, she said, roughly 2.4m Chromebooks shipped to schools compared with about 2.2m Windows-based desktops and notebook computers.

Maybe this is where Chromebooks begin to eat away at Windows. They certainly should be a lot easier to secure and manage.
link to this extract

We built a robot to help you win The New Yorker’s cartoon caption contest » The Verge

Michael Zelenko and Frank Bi:

Each week The New Yorker runs a cartoon contest on its back page, where the publication invites readers to submit captions to cartoons drawn by the magazine’s illustrators. Winning the contest is notoriously difficult — writers have to generate a quip that’s funny, but also perfectly mimics the magazine’s sensibilities. A deep knowledge of The New Yorker is a prerequisite. Or is it?

We’ve collected all the first, second, and third place winning entries going back to when the magazine introduced the competition in 2005 — all 1,425 of them. Then, we ran them through a Markov text generator program that analyzes the winning captions and generates new, randomized entries that echo the original set.

Observation: using this won’t even get you to the last three in the caption contest. Maybe when the robots have taken all the other jobs, “comedian” will still remain for humans.
link to this extract

The real problem with streaming » Music Industry Blog

Mark Mulligan:

Even without considering the entirely intentional complexity of details such as minimas, floors and ceilings, the underlying principle is simple: a record label secures a fixed level of revenue regardless, while a music service assumes a fixed level of cost regardless.

Labels call this covering their risk and argue that it ensures that the services that get licensed are committed to being a success. Which is a sound and reasonable position in principle, except that in practice it often results in the exact opposite by transferring all of the risk to the music service. Saddling the service with so much up front debt increases the chance it will fail by ensuring large portions (sometimes the majority) of available working capital is spent on rights, not on building great product or marketing to consumers.

None of this matters too much if you are a successful service or a big tech company (both of which have lots of working capital). Both Google and Apple are rumoured to have paid advances in the region of $1 billion. While the payments are much smaller for most music services, Apple, with its $183bn in revenues and $194bn in cash reserves can afford $1bn a lot more easily than a pre-revenue start up with $1m in investment can afford $250,000. Similarly a pre-revenue, pre-product start up is more likely to launch late and miss its targets but will still be on the hook for the minimum revenue guarantees (MRG).

It is abundantly clear that this model skews the market towards big players and to tech companies that simply want to use music as a tool for helping sell their core products.

link to this extract

Heads-up, Google: fighting the EU is useless » Bloomberg View

Leonid Bershidsky:

Microsoft can tell Google exactly what happens next; indeed, Google’s lawyers realize there will be other antitrust investigations. One, concerning the Android operating system and its links to Google services, is already in the works, although no official charges have been brought. Another may soon hit Google where it really hurts, challenging its dominance in online advertising. Google will fight and probably lose, because Europe doesn’t like big U.S. companies to dominate its markets.

Lobbying and complying with whatever demands still can’t be avoided is a less painful path. Microsoft spent 4.5 million euros last year, a million more than Google, on efforts to get EU officials to see its points on issues such as data protection and cloud computing. Among other things, the European Parliament is now considering a Microsoft proposal that would cap fines for Internet privacy violations at 2m euros a case, instead of 2% of a company’s international turnover.

It’s admirable that Google now wants to fight for its principles and against the dilution of its superior offering. It makes me cringe, however, to think of the time and money that will be burned in this hopeless battle.

link to this extract

The fembots of Ashley Madison » Gizmodo

Annalee Newitz:

In the data dump of Ashley Madison’s internal emails, I found ample evidence that the company was actively paying people to create fake profiles. Sometimes they outsourced to companies who build fake profiles, like the ones Caitlin Dewey wrote about this week in the Washington Post. But many appear to have been generated by people working for Ashley Madison. The company even had a shorthand for these fake profiles—“angels.” Perhaps this is a tip of the hat to Victoria’s Secret models, also known as angels.

Ashley Madison created their angels all over the world, and the dump contains dozens of emails where Avid Life Media management arranged to generate more. Here you can see a July 4, 2013 email from Avid Life Media’s director of internal operations, Nora Abtan, to CEO Noel Biderman and other managers, with the subject “summary angels status”…

…An email chain between Sandra Simpson and an employee named Eduardo Borges, dated July 30, 2012, suggests that quality control on the angel profiles was actually pretty rigorous. Borges asks whether it’s OK to reuse photos if they are in different states, and Simpson says no—she notes that many members travel and they might spot the duplicates.

Such great journalism; such a scammy business. The question becomes, did the company take this direction from the start, or was it forced towards fakery by circumstance?
link to this extract

Apple is about to lay down its TV cards » TechCrunch

Matthew Panzarino:

It stands to reason that Apple will be able to push the A8 much, much further than it ever has before given that the Apple TV is plugged into the wall, and not dependent on battery.

This will enable developers of games and other resource-intensive applications to produce higher quality and more demanding apps. Among the demos I’d expect to see on stage next month are content apps, games, and broadcast companies. These apps fit the venue (fixed, but large and participatory) and purpose of your television — and the apps that people will build for the Apple TV would do well to take those factors into account as well.

A native SDK that takes advantage of the hardware fully will, for the first time ever, turn the Apple TV into a platform, a self-sustaining life form that Apple likely hopes will dominate competitors who have done only slightly better about adding third-party support.

To control the new Apple TV? A new remote. One major feature of which was pretty much nailed by Brian Chen in an article earlier this year. It’s slightly bigger and thicker, with physical buttons on the bottom half, a Touchpad area at the top and a Siri microphone.

I thought the Apple TV would get its own SDK
back in 2012. Totally wrong; it just wasn’t ready.
link to this extract

Start up: the Samsung conflict, Google Analytics v Edge, Windows 95 v 10, Android woes and more

Posted on July 31, 2015 by charlesarthur

A smart cap could tell you if your milk had gone off – so much more accurate than someone’s nose. Photo by alisdair on Flickr.

A selection of 11 links for you. Because you can take it. (You’d better, I’m taking a three-week holiday break.) I’m charlesarthur on Twitter. Observations and links welcome.

Samsung’s profit center » Asymco

Horace Dediu:

Phone operating margins [at Samsung] peaked in Q1 2014 at 20% but are half that level today. These margins have dropped to levels Samsung had in 2009, before the Galaxy launched and before they had any substantial revenues from smartphones.

In contrast, the semiconductor group is growing both revenues and margins. Margins and operating profits are both 50% higher than those of devices.

We also know that Apple is Samsung Semiconductor’s single biggest customer. We can’t be sure how much of the total revenue/profit comes from Apple but if the pattern continues then Apple could be the greatest contributor to Samsung’s profitability in the near future.

How could this be? Wasn’t Samsung supposed to “disrupt” Apple?

The reality is that Samsung’s own smartphones are being disrupted by good-enough Android devices, typically made by Chinese brands. This low-end disruption is also affecting LG, another phone maker and Apple supplier.

Unlike Samsung and LG, Apple is less susceptible to low-end disruption. What Apple offers is a brand promise, an ecosystem, associated products and services and what amounts to a new market. It’s this parallel value network that competes with Android/Google, rather than with Samsung.

I’ll add another data point: the “phone operating margins” actually cover the IM [IT & Mobile] division, which includes PCs and (I believe) cameras. In the latest quarter, the non-phone revenue in the IM division was below US$500m, for the first time in at least four years. That suggests we’re very close to seeing the true profit margin of Samsung’s phone business, as the non-phone business probably doesn’t perturb the very much larger (US$22bn, ie over 44x larger) phone business.

And read Dediu’s post for the killer payoff line.
link to this extract

Google loses bid to overturn low-cost patent licenses to Microsoft » Reuters

Andrew Chung:

In a setback for Google, a U.S. appeals court ruled on Thursday that the low licensing rate Microsoft pays to use some of Google’s Motorola Mobility patents had been properly set.

The 9th U.S. Circuit Court of Appeals in San Francisco said a lower court judge properly determined the patents’ value even though the royalty rate was only a fraction of what Motorola had asked for. Google sold the Motorola handset business to Lenovo last year but kept its patents.

The court also upheld $14.5m awarded to Microsoft for Motorola’s breach of contract to license its patents fairly.

Patents at issue being standards-essential; Motorola kicked it off demanding $4bn per year. Judge James Robart put the royalty rate at $1.8m per year.
link to this extract

BT hands £129m back to UK.gov after beating rural broadband targets » The Register

Simon Rockman:

Both BT and the Ministry of Fun – or the Department of Culture, Media and Sport, if you prefer – have spun BT’s toeing-the-line-of-a-contractual-obligation as unbridled generosity towards taxpayers.

A statement from the Minister of Fun, John Whittingdale, said:

It’s fantastic to see that the rollout of superfast broadband is delivering for customers and for the taxpayer. The Government was clear from the start that as levels of people taking up superfast broadband went beyond our expectations in areas where we invested public money, BT would reimburse the taxpayer for reinvesting into further coverage across the UK. This now means that BT will be providing up to £129m cashback for some of the most hard to reach areas.
The funding was part of a Broadband Delivery UK (BDUK) project which has the aims of:

• provide superfast broadband coverage to 90 per cent of the UK by 2016
• provide basic broadband (2Mbps) for all by 2016
• provide superfast broadband to 95 per cent of the UK by 2017
• explore options to get near universal superfast broadband coverage across the UK by 2018
• create 22 “SuperConnected Cities” across the UK by 2015
• improve mobile coverage in remote areas by 2016

Speaking as someone who keeps finding themselves somehow forever in that “it’s coming in a couple of years, honest” part of the country (which seems to be a lot larger than 5%), I’d prefer Whittingdale to be lighting a fire under BT, and for Ofcom to demand that BT Openreach (which does the infrastructure) be split from the rest of BT.

After all, power generators don’t own the power lines, rail operators don’t own the track; why does BT own the phone lines?
link to this extract

Enterprises retake lead in tech adoption » Deloitte CIO – WSJ

Apparently a sort of chief information officer-focussed niche of the WSJ, this has the entertaining premise that:

many believe this trend of consumer-originated innovations entering the workplace, dubbed the consumerization of IT, will become the dominant model going forward. But there is strong evidence that the pendulum is swinging back to enterprise-first adoption, with organizations likely to capture more near-term value than consumers in the following four technology areas:

Which areas? Let’s see: wearables; 3D printers; drones; Internet of Things. Not a chance on wearables – enterprise adoption and value will lag far behind consumers (already does). On 3D printing, businesses are already ahead through prototyping, so no contest. On drones, again, armies got there first, so not really at issue. And IoT? It’s such a pain at present for most people that again, it’s left to businesses which have the time and patience to deploy. But I’d bet once IoT stuff becomes prevalent enough, it will be widely used by the ordinary folk.
link to this extract

The challenge of tracking Microsoft’s new Edge browser in Google Analytics » GeekWire

Even though Edge is now in the wild, tracking usage and adoption of the browser is going to be problematic for many web developers and site owners because tracking for Edge is not yet supported in Google Analytics.

Web developers and designers frequently consult Google Analytics to answer important browser usage questions for their website. Answers to questions like “Do we need to still support IE8?” or “Are there enough users affected by this particular Chrome bug to implement a hack to fix it?” are usually answered by running a browser usage report in Google Analytics. Google Analytics provides an easy way to break down a website’s readers by their OS, browser and browser version, except in the case of Edge.

Taking a look at Google Analytics reports for Operating System Version in Windows, you’ll notice that there is no version 10 listed.

WTH, Google? (Via Richard Burte.)
link to this extract

UC Berkeley engineers devise 3D-printed ‘Smart Cap’ to check safety of milk, juice » Food Safety News

The “smart cap” has an embedded inductor-capacitor tank as the wireless passive sensor and can monitor the quality of milk and juice wirelessly, the article stated.

“A quick flip of the carton allowed a bit of milk to get trapped in the cap’s capacitor gap, and the entire carton was then left unopened at room temperature (about 71.6 degrees F) for 36 hours,” according to a university news report.

The result shows a 4.3% resonance frequency shift from milk stored in the room temperature environment for that period. This work establishes an innovative approach to construct arbitrary 3D systems with embedded electrical structures as integrated circuitry for various applications, including the demonstrated passive wireless sensors, the article explained.

The Berkeley folk are saying “hey, people will print them out at home!” while everyone else is saying “this would be so useful in mass-produced containers”.

So here’s a picture of the 3D printer that the UC Berkeley people think you’ll want to print out milk carton tops with.
UC Berkely 3D printer
Yeah, I’ll have two – you never know when you might need a spare.
link to this extract

The fastest-growing mobile phone markets barely use apps » Quartz

Africa and Asia, the two fastest growing mobile markets, aren’t very big on apps.

The overwhelming majority of mobile internet activity in the regions is spent on web pages, according to a report released on 28 July by Opera Mediaworks. In Asia and Africa, websites made up 90% and 96% of mobile impressions, respectively, in the second quarter.

Their habits are a sharp contrast to the US, where apps accounted for 91% of impressions. Globally, there’s a more even distribution, with apps making up 56% of mobile impressions and websites comprising the remainder…

…“A big portion of the mobile audience in mobile-first regions like Africa and [Asia-Pacific] are still using low-end feature phones because of the cost factor,” a spokesman tells Quartz. “This therefore compels them to use the mobile web more than apps, which are usually dominant on smartphones.”

Today’s challenger for the “well duh” prize.
link to this extract

Windows 10 launched so quietly you may have missed it » The Guardian

Some two-bit hack blathering about a new version of Windows:

Windows 10’s biggest new feature? It’s free if you download it within the next year, and will install on machines running Windows 7 or Windows 8. Its second biggest feature? It isn’t Windows 8, which was released in 2012 and created widespread puzzlement by submerging the traditional desktop interface beneath big, bright “tiles” and getting rid of the familiar, popular Start menu.

That puzzlement soon turned to anger, forcing the ejection of the man who had led Windows 8’s development, Steve Sinofsky, and the introduction of Windows 8.1, which, while it didn’t bring the Start menu, did at least let you start off in desktop mode.

Now, Microsoft breezily says, “the familiar Start menu is back”, as though it had been on holiday rather than unceremoniously dumped.

On reflection, the biggest feature of Windows 10 is that it isn’t Windows 8. Being free is its second-biggest.
link to this extract

August 1995: A window we will all want to open » The Independent

Some two-bit hack blathering about a new version of Windows:

Microsoft’s computer program lines up with a number of other classic products: the Biro, aerosols, the Sony Walkman, the Boeing 747 jumbo jet, the Mini and the compact disc. It is a piece of technology which has arrived at just the right time to satisfy people’s wants.

Like those other classic products, Windows 95 enhances our personal independence and autonomy, and makes our lives more convenient. It draws everyone deeper into the existence of the “me” generation. Thus, aerosols let you manage your hair, your hygiene, your cleaning as you choose: convenience in a can. A Biro can write for far longer than a fountain pen, and when it’s finished you simply throw it away. The Mini, costing £400 in its first incarnation, made car ownership possible for the young and relatively poor, not just the comfortably well-off. The Walkman provided everyone with their own personal environment: the music (or noise) that you want at the volume you choose.

But like those earlier products, Windows 95 also exemplifies a wider economic and cultural trend. Just as globalisation gives corporations multinational reach, their products link physically and culturally diverse peoples, homogenising aspects of our lifestyles and, literally, connecting us up. Software can be “shipped” over a telephone line across borders; Windows 95 will be the same in Australia or the Arctic.

link to this extract

CNET’s early coverage of Windows 95, back in 1995 » YouTube

CNET’s first impression of Windows 95 was that it would create a huge impact, what with the long file names, taskbar and a recycle bin for unwanted files. Check out this vintage review along with Microsoft’s own promotional video that went with the launch.

Here’s the video:

(The presenter is Richard Hart.)

How far we’ve come. No, don’t disagree. Look at that video of the Fonz.
link to this extract

The security flaw Google built into Android » MIT Technology Review

Tom Simonite:

Google can’t push you an update for Android. It hands out the operating system to device manufacturers for free. They get to tinker with it to add features or apps of their own and are the only ones—along with cellular carriers in some cases —that can push updates to the devices they sell. Google does bind companies that use Android with some restrictions (for example to do with using its app store) but doesn’t require them to push out security updates quickly.

That leaves users of Android devices unable to avail themselves of what security experts say is the most important strategy for staying safe, at least according to researchers at none other than Google itself. They reported last week on a survey that asked computer security pros how they stay safe. Applying security updates emerged as the experts’ number one priority.

Google has lately come up with workarounds for Android’s flawed security model. It has shunted many key functions into apps that it can push updates to via its app store. But that doesn’t cover all of Android, and the app store doesn’t have a way to signal to you whether an app wants to update for security reasons or just to add new features.

The text message vulnerability revealed today can’t be fully fixed by upgrading apps. And it’s not unlikely that most vulnerable phones will never get the security patches for Android that Google has developed and will offer up to manufacturers and cellular operators.

Android has done spectacularly well, but one feels that it’s overdue its Blaster moment.
link to this extract

Start up: Wi-Fi Sense explained, another giant Android vulnerability, the US’s sleepiest cities, and more

Posted on July 30, 2015 by charlesarthur

What happens when you create a way for any programmer to analyse peoples’ DNA? (Hint: not good things.) Photo by micahb37 on Flickr.

A selection of 11 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Wi-Fi Sense in Windows 10: Yes, it shares your passkeys; no, you shouldn’t be scared » Ars Technica

Sebastian Anthony:

For a start, when a Wi-Fi passkey is shared with your PC via Wi-Fi Sense, you never actually see the password: it comes down from a Microsoft server in encrypted form, and is decrypted behind the scenes. There might be a way to see the decrypted passkeys if you go hunting through the registry, or something along those lines, but it’s certainly not something that most people are likely to do.

Perhaps more importantly, though, just how sacred is your Wi-Fi password anyway? Corporate networks notwithstanding (and you shouldn’t share those networks with Wi-Fi Sense anyway), most people give out their Wi-Fi keys freely. You could even argue that Wi-Fi Sense is more secure: if I ask Adam for his Wi-Fi password, I am free to give it away to anyone. If I receive the password via Wi-Fi Sense, I can still connect to Adam’s network, but I can’t tell anyone else the password.

And it only goes to immediate-circle friends, not friends of friends of.. So probably not such a big thing to worry about.
link to this extract

Why Grooveshark failed » The Verge

Stephen Witt:

The Grooveshark streaming application launched in April of 2008 — several months ahead of Spotify. The service proved explosively popular from the outset. Users, especially younger users, loved on-demand music delivery, and Greenberg left school to focus on Grooveshark full time. But there was a problem: Grooveshark still relied on peer-to-peer infrastructure similar to Napster, Kazaa, and bitTorrent. In other words, although it functioned as a streaming service, it still sourced the music from its users’ file libraries. And to the record companies, that looked like copyright infringement.

Without approval from the labels, Grooveshark struggled to attract venture capital. In its first five years of existence, the company raised just under a million dollars. In the same time, Spotify, with equity buy-in from the music majors, raised a hundred times as much.

It didn’t “look like” copyright infringement; it clearly was infringement, in just the same way that the original Napster was. That’s why it was sued into the ground. Grooveshark never played by the rules (artists demanded their music be removed; Grooveshark staff re-uploaded it, or ignored new uploads). They failed because they could never stay inside the rules.
link to this extract

Drones and spyware: the bizarre tale of a brutal kidnapping » WIRED

Kevin Poulsen with a wonderful tale of how truth is stranger than fiction:

efforts to trace the new emails were in vain. The author boasted that he was using Tor as well as other anonymizing precautions that would withstand even an “Egotistical Giraffe exploit,” a reference to an NSA de-anonymizing technique that surfaced in the Edward Snowden leaks. He sent the messages through the Singapore-based anonymous remailer anonymousemail.com, and shared the photos—stripped of metadata—through the anonymous image sharing site Anony.ws.

Evidently unconvinced, the Vallejo police still insisted the crime was a put-on, but the FBI was also on the case. And, it turned out, despite his sophistication, the kidnapper had left a digital trail.

The kidnapper had slipped by using a disposable Tracfone to call Quinn after the abduction. The FBI reached out to Tracfone, which was able to tell the agents that the phone was purchased from a Target store in Pleasant Hill on March 2 at 5:39 pm. Target provided the bureau with a surveillance-cam photo of the buyer: a white male with dark hair and medium build. AT&T turned over records showing the phone had been used within 650 feet of a cell site in South Lake Tahoe.

But the real break in the case came when the kidnapper evidently struck again.

link to this extract

Trend Micro discovers vulnerability that renders Android devices silent » Trend Micro

Wish Wu (Mobile Threat Response Engineer):

We have discovered a vulnerability in Android that can render a phone apparently dead – silent, unable to make calls, with a lifeless screen. This vulnerability is present from Android 4.3 (Jelly Bean) up to the current version, Android 5.1.1 (Lollipop). Combined, these versions account for more than half of Android devices in use today. No patch has been issued in the Android Open Source Project (AOSP) code by the Android Engineering Team to fix this vulnerability since we reported it in late May.

This vulnerability can be exploited in two ways: either via a malicious app installed on the device, or through a specially-crafted web site. The first technique can cause long-term effects to the device: an app with an embedded MKV file that registers itself to auto-start whenever the device boots would case the OS to crash every time it is turned on.

In some ways, this vulnerability is similar to the recently discovered Stagefright vulnerability. Both vulnerabilities are triggered when Android handles media files, although the way these files reach the user differs.

Seems like the media file handling is where everyone is focussing for Android weaknesses just now.
link to this extract

September 2014: iPhone 6 and Android value » Benedict Evans

From September 2014:

with the iPhone 6 and iOS8, Apple has done its best to close off all the reasons to buy high-end Android beyond simple personal preference. You can get a bigger screen, you can change the keyboard, you can put widgets on the notification panel (if you insist) and so on. Pretty much all the external reasons to choose Android are addressed – what remains is personal taste.

Amongst other things, this is a major cull of Steve Jobs’ sacred cows – lots of these are decisions he was deeply involved in. No-one was quicker than Steve Jobs himself to change his mind, but it’s refreshing to see so many outdated assumptions being thrown out.

Meanwhile, with the iPhone 6 Plus (a very Microsofty name, it must be said) Apple is also tackling the phablet market head on. The available data suggests this is mostly important in East Asia but not actually dominant even there – perhaps 10-20% of units except in South Korea, where it is much larger. Samsung has tried hard to make the pen (or rather stylus) a key selling point for these devices, but without widespread developer support (there is nothing as magical as Paper for the Note) it is not clear that these devices have actually sold on anything beyond screen size and inverse price sensitivity (that is, people buy it because it’s the ‘best’ and most expensive one). That in turn means the 6 Plus could be a straight substitute.

Now we have Samsung’s results (out by the time you read this) and LG’s results, where the latter specifically says that sales were lower in South Korea than expected. Evans seems to have been borne out: the only differentiator between premium Android and iPhones was screen size.
link to this extract

Busy-ness data on Google search results » Google

Do you ever find yourself trying to avoid long lines or wondering when is the best time to go grocery shopping, pick up coffee or hit the gym (hint: avoid Monday after work)? You’re in luck!

Now, you can avoid the wait and see the busiest times of the week at millions of places and businesses around the world directly from Google Search. For example, just search for “Blue Bottle Williamsburg”, tap on the title and see how busy it gets throughout the day. Enjoy your extra time!

That’s very clever. (Location data from Android phones, one guesses.)
link to this extract

Android security, bugs and exploits » Google+

Adrian Ludwig is head of security for Android:

There’s common, mistaken assumption that any software bug can be turned into a security exploit. In fact, most bugs aren’t exploitable and there are many things Android has done to improve those odds. We’ve spent the last 4 years investing heavily in technologies focused on one type of bug – memory corruption bugs – and trying to make those bugs more difficult to exploit.

A list of some of those technologies that have been introduced since since Ice Cream Sandwich (Android 4.0) are listed here. The most well known of these is called Address Space Layout Randomization (‘ASLR’), which was fully completed in Android 4.1 with support for PIE (Position Independent Executables) and is now on over 85% of Android devices. This technology makes it more difficult for an attacker to guess the location of code, which is required for them to build a successful exploit.

What Ludwig doesn’t mention: the Stagefright bug. Is it right to say it could be used to take over a phone via MMS? Or would ASLR defeat that? You’d hope the head of security for Android would tackle this in a public blogpost talking about security. But he doesn’t. Which tends to make one think the worst.
link to this extract

Which cities get the most sleep? » The Jawbone Blog

Tyler Nolan:

One of the major findings in our study of city sleep was that people living in cities just don’t get enough. No major city in the United States averages above the NIH-recommended seven hours of sleep per night. But it’s only part of the picture. The vast majority of the suburban and rural counties have much healthier sleep numbers.

Geography has a profound effect on the routines we follow and the habits we form. Our sleep cycles adapt to the pace and lifestyle of the world we live in and the world by which we are surrounded. We look forward to further investigating the effects of geography and how it influences UP wearers in all parts of the world.

Technical Notes: This study was based on over one million UP wearers who track their sleep using UP by Jawbone. Less populous counties were blended with neighboring counties to generate significant results. This technique revealed patterns at finer granularity than the state level, such as time zone boundaries. All data is anonymized and presented in aggregate.

One still gets that little tingle of concern that your sleep data could be tracked directly back to you by someone malicious or stalker-y at Jawbone. (The visualisations are lovely, though.)
link to this extract

Brinks’ super-secure smart safes: not so secure » WIRED

Kim Zetter:

Vulnerabilities found in CompuSafe Galileo safes, smart safes made by the ever-reliable Brinks company that are used by retailers, restaurants, and convenience stores, would allow a rogue employee or anyone else with physical access to them to command their doors to open and relinquish their cash, according to Daniel Petro and Oscar Salazar, researchers with the security firm Bishop Fox, who plan to demonstrate their findings next week at the Def Con hacker conference in Las Vegas.

The hack has the makings of the perfect crime, because a thief could also erase any evidence that the theft occurred simply by altering data in a back-end database where the smartsafe logs how much money is inside and who accessed it. If done well, the only telltale sign of an attack would be left on security cameras—if anyone bothered to look.

They’re “smart” because they can tally how much money is put into them. Dumb because they run Windows XP Embedded. And there’s an external USB port for “troubleshooting”.
link to this extract

Retailer Acceptance » Contactless Life

Duncan Stevenson has compiled a gigantic table of which companies accept contactless and Apple Pay payments (and to what amount).

In theory Apple Pay should be accepted at all retailers that accept contactless, and this seems to be the case for Mastercard and Visa cards, however American Express cards are currently experiencing issues with Apple Pay in certain retailers (hence the existence of the “Amex Apple Pay” column). I have a blog post coming soon covering the issues with American Express Apple Pay in the UK.

(It’s a real HTML table too.)
link to this extract

Your 23andMe DNA can be used in racist, discriminatory ways » BuzzFeed News

This week, an anonymous programmer posted on GitHub an early-stage program called Genetic Access Control. It basically worked as a log-in mechanism. The third-party program was designed to hook up to the company’s API and mine the 23andMe accounts of users who agreed to share their information, as they would agree to let apps connect to their Facebook or Twitter profiles. Websites using Genetic Access Control could scan that data for information about “sex, ancestry, disease susceptibility, and arbitrary characteristics” — and then restrict users’ access to the site based on this information.

For example, people with only the “right” amount of European ancestry would be allowed to access a website that used Genetic Access Control:

But 23andMe shut down the developer’s access to its API on Wednesday, two days after the code was published. 23andMe spokesperson Catherine Afarian told BuzzFeed News the program violated a policy that forbids use of the API for, among other things, “hate materials or materials urging acts of terrorism or violence.”

I think a programmer who actually wanted to cause trouble (as opposed to one, as here, just showing 23andMe how blithely trusting it is) could reasonably point out that they’re not creating hate materials or anything to do with terrorism or violence.

And – whoever they were – succeeded with a beautiful example of why you don’t really want to have open public access to a DNA database. As well as why 23andMe are twits for ever having thought so.
link to this extract

Start up: a huge new Android security risk, Google+ downgraded, iTunes’s giant mess, and more

Posted on July 28, 2015 by charlesarthur

It was 20 years ago (roughly) that a Rolling Stones song launched Windows 95. Photo by michfiel on Flickr.

A selection of 9 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Making free work (hint: cannibalize radio, not sales) » Music Industry Blog

Mark Mulligan:

Neither Spotify or Deezer is in the business of free music, they are in the business of subscriptions and simply use free as a marketing tool. So they have no reason to cling doggedly to free users that show no sign of converting. Instead after a sufficient period of free music has been offered users should be pushed to subscriptions or onto a radio tier (see figure). There is no business benefit to the streaming services nor rights holders to have perpetual on demand free users.

The assumption that free music is some sort of internet right is symptomatic of the internet’s growing pains. In terms of market development we’re probably at the adolescence stage of the internet, the stage at which carefree childhood starts to be replaced by responsibility and consequences. We’re seeing this happen right across the internet economy, from privacy, data, free speech, jurisdiction etc. Because music has been free online for so long consumers have learned to accept it as fact. That assumption will not be changed any time soon, and try to force the issue too quickly and illegal services will prosper.

Of course YouTube is, and always has been the elephant in the room, buoyed by the schizophrenic attitude of record labels who simultaneously question its impact on the market while continuing to use it as their number 1 digital promotional channel. While the tide may finally be beginning to turn, don’t expect YouTube to go anywhere any time soon. But should the screws tighten do expect YouTube to stop playing ball.

Apple Music, of course, chucks you out after your three-month trial unless you subscribe. Let’s see how it does for conversion.
link to this extract

Continuum on Windows 10 » Blogging Windows

Windows 10 adjusts your experience for your activity, device and display, so you can do your thing in any mode anytime you want. Onscreen features, like menus and taskbars, adapt for easy navigation. Apps are built to scale smoothly from screen to screen so they look good from the smallest app window up to the largest 8k displays*.

That’s gr– hey, what’s the asterisk?

“*App experiences may vary.”

Oh. (Via Wes Miller.)
link to this extract

Start Me Up (again) » GartenBlog

Windows 10 will arrive, without fanfare, on computers tomorrow (July 29th). In August 1995, Windows 95 was launched with the Rolling Stones’ “Start Me Up” as its theme song. Michael Gartenberg recounts Microsoft’s Brad Stone talking about the negotiations with the band:

For a good month we continued negotiations mostly on the phone. I had only so much I would and could pay and that made things easier on our end. The fact that we had to fish or cut bait to get our TV ads done in time for the August 24th launch served as a forcing function and eventually we agreed to terms. They rushed WK the “Start Me Up” recording as we were already working on the ad. The next day I got a frantic call from WK saying that the Stones had sent a later live version of “Start Me Up” that wouldn’t work. I called up Cohl and told him that I had to have the original version or there was no deal. Eventually they agreed. I found out later that the reason they gave us the live version was that it was recorded after Bill Wyman had left the band. Giving us the original meant that Wyman got his allocation of the deal which of course meant that giving us the original version of “Start Me Up” meant that Jagger, Richards and the rest of the band got less.

I also found out later that Jagger and Richards did not always see eye to eye on the deal. As Brad indicated, Jagger was less inclined to commercialize their music in this way. I was told he was especially ready to just forget the deal when we made it clear we needed the original version but that he did not want to piss off Richards over it because Richards wanted or needed the money.

One British paper (not me) suggested Microsoft paid $14m. “We paid a fraction of this”, Stone writes.
link to this extract

Dmail makes your Gmail messages self-destruct » TechCrunch

Sarah Perez:

The product works by way of a Google Chrome web browser extension, which only you, as the email sender, have to install.

Once loaded, you’ll have a new option within the Gmail “compose” interface that allows you to turn the Dmail service off and on using a toggle switch. When on, you can specify ahead of sending an email if you want the email destroyed in an hour, a day, a week, or “never.” Even if you choose the “never” option, you can later go into your sent message and click a “Revoke Email” button to remove access to that email from all recipients.

What’s clever about Dmail is that, unlike some other secure messaging products, recipients don’t have to use the service themselves in order for it to work. If they don’t have the extension installed, they’ll instead receive an email that states: “This secure message was sent using Dmail. To view this message, simply click the button below.”

Clicking the included “View Message” button will then redirect them to a web view where they can read your email.

More accurate headline: Dmail makes your Gmail messages into shareable web pages whose access you control. These attempts to reinvent email are doomed to failure.
link to this extract

Canon cuts outlook as weak camera sales hit second-quarter profit » Reuters

Ritsuko Ando:

Japan’s Canon Inc cut its earnings outlook for the full year and reported a 16% fall in quarterly profit as consumers, increasingly in the habit of taking photos with their smartphones, bought fewer compact digital cameras.

The world’s largest camera maker said on Monday its second-quarter net profit fell to 68bn yen ($552m) compared with 81bn yen a year earlier. Analysts on average expected 65bn yen, according to Thomson Reuters data.

The firm said it now expects full-year profit of 245bn yen rather than the 255bn it forecast three months ago.

Wait and see what they forecast in another quarter. This is a trend that will only continue.
link to this extract

The hidden opportunity of corporate smartphones » Tech.pinions

Bob O’Donnell:

Many of the IT professionals who are making or strongly influencing these purchases also have a soft spot for Windows and this preference clearly shows up in survey results. Though it’s well known the percentage of consumers actively using Windows Phones is small, what isn’t well known is a surprisingly large percentage of companies (over 40% in several different surveys) have employees who use devices running Microsoft’s mobile OS. In fact, in a TECHnalysis Research survey of US healthcare companies, 17% of work smartphones in their organizations were running Windows Phone. This goes a long way towards explaining Microsoft’s recent comments about focusing their future smartphone development towards enterprise as a key target. They actually have a solid opportunity there.

Goes to show how little influence IT professionals have in the new mobile world order, if you ask me. A reminder: about 80m Windows Phones are being used worldwide; in the US it’s in the low single-digit millions. That might be a gigantic corporate usage. Or it might be a small corporate usage and a small corporate usage.
link to this extract

Major flaw in Android phones would let hackers in with just a text » All Tech Considered : NPR

Aarti Shamani:

In this attack, the target would not need to goof up — open an attachment or download a file that’s corrupt. The malicious code would take over instantly, the moment you receive a text message.

“This happens even before the sound that you’ve received a message has even occurred,” says Joshua Drake, security researcher with Zimperium and co-author of Android Hacker’s Handbook. “That’s what makes it so dangerous. [It] could be absolutely silent. You may not even see anything.”

Here’s how the attack would work: The bad guy creates a short video, hides the malware inside it and texts it to your number. As soon as it’s received by the phone, Drake says, “it does its initial processing, which triggers the vulnerability.”

The messaging app Hangouts instantly processes videos, to keep them ready in the phone’s gallery. That way the user doesn’t have to waste time looking. But, Drake says, this setup invites the malware right in.

If you’re using the phone’s default messaging app, he explains, it’s “a tiny bit less dangerous.” You would have to view the text message before it processes the attachment. But, to be clear, “it does not require in either case for the targeted user to have to play back the media at all,” Drake says.

Gives attackers system privileges. Proportion of Android devices vulnerable: 95%. Google has pushed out an update to hardware makers. But have the hardware makers pushed the update out? Google reckons that if 50% of devices get it, that will be good.

The big risk is that someone will create a Blaster-style worm that attacks a phone and then accesses its phone book to send malicious MMSs to the numbers in the phone book.
link to this extract

Don’t order the fish » Marco.org

Marco Arment:

With the introduction of Apple Music, Apple confusingly introduced a confusing service backed by the iTunes Store that’s confusingly integrated into iTunes and the iOS Music app (don’t even get me started on that) and partially, maybe, mostly replaces the also very confusing and historically unreliable iTunes Match.

So iTunes is a toxic hellstew of technical cruft and a toxic hellstew of UI design, in the middle of a transition between two partly redundant cloud services, both of which are confusing and vague to most people about which songs of theirs are in the cloud, which are safe to delete, and which ones they actually have.

iTunes has Microsoft’s problem: supporting a gigantic range of legacy hardware in the form of millions of iPods and iPhones.
link to this extract

Everything in its right place » Official Google Blog

Bradley Horowitz, VP of “Streams, Photos and Sharing”:

People have told us that accessing all of their Google stuff with one account makes life a whole lot easier. But we’ve also heard that it doesn’t make sense for your Google+ profile to be your identity in all the other Google products you use.

So in the coming months, a Google Account will be all you’ll need to share content, communicate with contacts, create a YouTube channel and more, all across Google. YouTube will be one of the first products to make this change, and you can learn more on their blog. As always, your underlying Google Account won’t be searchable or followable, unlike public Google+ profiles. And for people who already created Google+ profiles but don’t plan to use Google+ itself, we’ll offer better options for managing and removing those public profiles.

You’ll see these changes roll out in stages over several months. While they won’t happen overnight, they’re right for Google’s users—both the people who are on Google+ every single day, and the people who aren’t.

On that YouTube blogpost:

The comments you make on YouTube will now appear only on YouTube, not also on Google+. And vice-versa. This starts rolling out today.

Google+ is no longer obligatory. Slightly too soon to call it dead. But it will never grow big. And we’ll never hear those faintly bogus stats about “user sharing” or inflated claims of users.
link to this extract

Start up: adblocking animus, Amazon’s aims, Ubuntu phone reviewed, the iPod Watch, and more

Posted on July 27, 2015 by charlesarthur

“They say this replacement can’t be hacked remotely!” Photo by Hugo90 on Flickr.

A selection of 10 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

New iPhone apps will include ad blockers for the mobile web » MIT Technology Review

Tom Simonite:

Some [iOS developers] are now testing ad blocking apps they intend to release when iOS9 becomes available. Their results suggest these apps could be popular. For example, when Dean Murphy, an app developer based in the U.K., hacked together an ad blocker in about an hour earlier this month, he found it slashed the time taken to load the popular Apple blog iMore from 11 seconds to just two seconds.

He is now working to release a fully polished ad blocker called Crystal, and expects there will be many others when iOS9 launches. “Apple has laid a solid foundation for quality ad blocking applications,” he says.

One of Murphy’s competitors will be an app called Purify, created by Chris Aljoudi, who leads development of the desktop ad blocker uBlock, which he says has over one million active users. A video of Purify in action shows how it makes a news site load faster and strips pre-roll video ads from YouTube. Aljoudi says his tests have showed that Purify cuts Web browsing data usage by about a quarter—which could cut some people’s data bills and extend battery life. Both Aljoudi and Murphy intend to make their apps cheap, but not free.

I think they’re going to make good money. Advertisers (and sites) have a problem coming their way. Here’s Purify at work:

link to this extract

The Verge’s web sucks » blog.lmorchard.com

Les Orchard tried examining The Verge’s desktop site, and found it linked him to 47 third-party trackers:

I feel like someone just set up the entire vendor hall from an awful tech conference in my living room. Seriously, could you folks just not pick one or two or ten? Did you hit every booth and say “Yeah, cool, sign us up!” I feel thoroughly spindled & folded & researched, here.

As a webdev at Mozilla, I’ve been in hour-long meetings where we’ve agonized over whether it’s copacetic to include just one little Google Analytics snippet without notifying users and updating the privacy policy. But, I know we’re crazy in our own very special ways.

In former lives, I’ve worked at ad agencies and digital marketing companies. I’m no stranger to conversations that revolve around partners & bizdev & analytics & media buys. I can only imagine things have intensified & evolved since I’ve been out of those trenches.

Still – and maybe this is the Mozilla brain-damage talking – I can’t imagine a sane conversation that resulted in The Verge extending an invitation to over 20 companies to set up shop on my computer with every page visit.

The reckoning is moving just that bit closer each day. Once a significant number of people start getting faster, better experiences from using adblockers (or tracker-blockers), they won’t care that the ads aren’t targeted. Newspaper and magazine ads didn’t use to follow you around the room, and they were quite a good business.
link to this extract

I got my music back. At least most of it » Loop Insight

Jim Dalrymple, after the debacle of last week:

So now I have the iTunes Match service that I pay for separately, and Apple Music, both of which use iCloud Music Library. There is really no way to get away from them if you want to use the latest and greatest from Apple.

I’ll admit, I’m still trying to get my head around how this works.

Some of the songs I own were incorrectly tagged as Apple Music, but that’s been fixed too, which means they show up correctly in iTunes. That is great news.

However, I’m still missing a couple of hundred songs. Apple’s theory is that I deleted them—that when I was trying to fix Apple Music, I mistakenly deleted my own files. While I concede that it is within the realm of possibility that I deleted my own files, it doesn’t make sense to me.

Apple is clearly struggling with Apple Music – a colossal effort launched in a huge number of territories – which is why my advice would be not to get worked up about precisely what seems to be working or not at present. And especially not to delete anything that you think you might own.
link to this extract

Ubuntu Phone review: years in the making, but still not consumer-ready » Engadget

Jamie Rigg:

I get the idea of Scopes [which are like Live Tiles in Windows], kind of. They are supposed to give the user a personal experience, remove their reliance on walled apps and bring content to the forefront. I just don’t think Scopes deliver, or maybe I’m just so used to the app-first experience that I’m having trouble adapting to the Scope way of doing things. And if that’s the case, then most people will be in the same boat. My main problem with Scopes is that I feel I’m being bombarded with content. If I want to check out upcoming concerts on an iOS/Android device, I’d load up the Songkick app. But when that’s not what I’m looking for, I don’t really want to see Songkick listings permanently displayed on my phone, like I’m being advertised to. You could argue the solution is to remove the Songkick feed from the Scopes it populates. But, if I was constantly adding and removing sources from Scopes when they are or aren’t relevant, I don’t see how that’s preferable to having dedicated apps that offer a better experience.

It seems like there’s just no way to create a new user interface at present, certainly on a mobile screen. The gigantic gravitational field of the app-driven iOS/Android system precludes it.

Also, this sounds like crap.
link to this extract

Toshiba’s woes show how PC sales slump is squeezing big tech firms » The Guardian

I wrote about the Others:

It is whispered among some analysts that only the preinstallation of third-party antivirus programs – which try to get users to sign up to subscriptions – keeps some PC makers afloat at all, owing to the fees they receive from antivirus software firms.

It was the PC business that triggered the current turmoil at the Japanese giant [Toshiba], after an internal auditor asked in late January to look at the accounts for the company’s laptop business. That eventually concluded with an examination by an external panel, whose 294-page report noted “inappropriate accounting” in various business segments, including those “relating to component transactions” in the PC business.

In a statement on 21 July it said that 111bn yen (£580m) of assets in the PC business in the past six financial years were “under consideration” for re-evaluation. That could affect its financial results, which will be finalised by 31 August. But even in its most recent quarterly report, before any restatement, Toshiba said that its PC business recorded restructuring costs of 46bn yen in the previous three quarters, and that otherwise it “would have recorded positive operating income over three consecutive quarters”.

46bn yen is $370m. Is Toshiba really saying it made an average operating profit of $123m per quarter in the PC business? That’s as much as Asus, which is one of the biggest makers. Seems unlikely.
link to this extract

Twitter is deleting stolen jokes on copyright grounds » The Verge

Dante D’Orazio:

some people just copy good tweets from other people and act like they came up with the 140-character witticism on their own. This has been going on since the beginning of Twitter.

It now appears Twitter is using its legal authority to crack down on these tweet-stealers. A number of tweets have been deleted on copyright grounds for apparently stealing a bad joke.

As first spotted by @PlagiarismBad, at least five separate tweets have been deleted by Twitter for copying this joke:

saw someone spill their high end juice cleanse all over the sidewalk and now I know god is on my side
— uh (@runolgarun) July 9, 2015
Olga Lexell, who, according to her Twitter bio, is a freelance writer in LA, appears to be the first person to publish the joke on Twitter. In a tweet posted this afternoon, she confirmed that she did file a request to have the tweets removed.

I simply explained to Twitter that as a freelance writer I make my living writing jokes (and I use some of my tweets to test out jokes in my other writing). I then explained that as such, the jokes are my intellectual property, and that the users in question did not have my permission to repost them without giving me credit.

She added that most of the accounts that were reusing her tweets without accreditation were “spam accounts that repost tons of other people’s jokes every day.” This also isn’t the first time Twitter has complied with a request like this: Lexell tells The Verge that she’s filed similar requests for other jokes. Twitter staffers typically remove the offending tweets “within a few days” without asking Lexell any follow-up questions.

Couldn’t she, you know, just not tweet them but try them on other people? Or try them from a protected account? This is quite weird.
link to this extract

Pakistan to shut down BlackBerry services by December for “security reasons” » Reuters

Syed Raza Hassan:

Pakistan, a nuclear-armed nation of 180 million people, is plagued by militancy, criminal gangs and drug traffickers.

“PTA has issued directions to local mobile phone operators to close BlackBerry Enterprise Services from Nov. 30 on security reasons,” an official with the Pakistan Telecommunications Authority said in a text message.

He asked not to be named due to the sensitivity of discussing communications and intelligence.

BlackBerry was not immediately available to comment.

A report released this week by British-based watchdog Privacy International said Pakistan’s powerful military intelligence agency, the Inter-Services Intelligence (ISI), was seeking to dramatically expand its ability to intercept communications.

BlackBerry encrypts data such as emails and its BlackBerry Messenger messages sent between a user’s phone and public networks, ensuring greater privacy for users but making life harder for police and intelligence agencies.

link to this extract

Fiat Chrysler recalls 1.4 million vehicles to defend against hacks » Bloomberg Business

Mark Clothier:

Fiat Chrysler Automobiles NV is recalling about 1.4 million cars and trucks equipped with radios that are vulnerable to hacking.

The company was already distributing software to insulate connected vehicles from illegal remote manipulation after Wired magazine published a story about software programmers who were able to take over a Jeep Cherokee being driven on a Missouri highway. Fiat Chrysler reiterated that it’s not aware of any real-world unauthorized remote hack into any of its vehicles.

It stressed that no defect was found and that it’s conducting the campaign out of “an abundance of caution.”

Fiat Chrysler said it has blocked unauthorized remote access to certain vehicles systems via an over-the-air update on Thursday.

link to this extract

Amazon and the “profitless business model” fallacy » Remains of the Day

Eugene Wei (who used to work at Amazon):

There are very few people in technology and business who are what I’d call apex predators. Jeff [Bezos] is one of them, the most patient and intelligent one I’ve met in my life. An apex predator doesn’t wake up one day and decide it is done hunting. Right now I envision only one throttle to Jeff’s ambitions and it is human mortality, but I would not be surprised if one day he announced he’d started another side project with Peter Thiel to work on a method of achieving immortality.

One popular thesis among Amazon profitability skeptics is that Amazon can’t “flip a switch” and become profitable. The most common guess as to how Amazon flips the switch is that it will wait until it is the last retailer standing and then raise prices across the board, so Amazon skeptics argue against that narrative possibility.

But “flipping a switch” is the wrong analogy because Amazon’s core business model does generate a profit with most every transaction at its current price level.

In that light, it’s wrong to look at the AWS “profits” as a proportion of revenue and say “wow”. The profit number is meaningless. Amazon can make any part of the business look as profitable or unprofitable as it likes.
link to this extract

The future of Apple Watch will be more like the iPod’s than the iPhone’s » Beyond Devices

Aaron Miller (in a guest post on Jan Dawson’s site):

First, and most importantly, the Apple Watch is an ecosystem product. Right now, the Watch only works as an extension of the iPhone. Its upper boundary is the total number of iPhones in the world.

This makes the Watch much more like the iPod than the iPhone. From the time the iPod first launched, it was a product tied to a computer, first to Macs then eventually to Windows computers as well. (Remember the Digital Hub strategy?) Just as the iPod existed to enhance the Personal Computer + iTunes ecosystem, the Watch exists to enhance the iPhone ecosystem. The iPhone, even if tied to iTunes early on, was never merely an ecosystem enhancement—nor designed to be one, like the iPod or Apple Watch have been.

Naturally, we expect the Watch’s reliance on iPhones to change over time. LTE and GPS seem like inevitable Apple Watch additions, for example, as does a Watch-native App Store. With true third-party apps coming soon, reliance on the iPhone will diminish even more. But there’s one limitation that may always tie Apple Watches to iPhones: the screen…

…the Apple Watch category is not just smartwatches. The correct category is wearables, and wearables right now, at the birth of the Apple Watch, are very similar to the early MP3-player market. Some are huge and multi-functional. Some are svelte and limited. Some are banking on unique features trying to find a niche.

Wonder what other wearables Apple might have in mind. What’s the iPod shuffle version of a Watch?
link to this extract

Start up: Windows 10’s puzzle, Adobe’s coming obituary, our digital romances, and more

Posted on July 21, 2015 by charlesarthur

A better sound to be found inside? Photo by pumpkinmook on Flickr.

A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Windows 10 signifies Microsoft’s shift in strategy » The New York Times

Nick Wingfield:

in recent years, Windows has become an afterthought for many software developers, who have turned to the huge and engaged audience on smartphones. That shift has left Microsoft in a precarious position with consumers in recent years.

To generate more interest from developers, Microsoft has designed Windows 10 to run on PCs, smartphones and other devices, which is meant to make it easier for developers to write apps that run across all of them. And the company has sworn there will be one billion devices running the software in the next two to three years, giving developers a huge potential market to reach with their creations.

“I think we will see really huge adoption” of Windows 10, said Kevin Sather, director of product marketing for systems at Razer, a maker of high-end gaming computers and other devices.

The benefits of fast and free adoption of Windows 10 could well outweigh the revenue Microsoft is giving up. The company does not disclose how much upgrade revenue it normally makes from a new operating system, but analysts estimate that it is small compared with the other ways the company makes money from the operating system.

What this doesn’t explain is why Windows 10, even free, should suddenly make consumers devote any more time to their PCs, or buy Windows tablets any more than they do. Obviously Microsoft is a business-oriented company. So will this actually make any difference at all to the general direction of travel, away from the desktop to mobile? I just don’t see it.
link to this extract

Free sound improving techniques » PWB Electronics

Try the freezing experiment using a CD first – they are usually the easiest object to hand. If you have two identical CDs all the better as you can keep one CD as the control (no treatment) and put the other CD through the freezing/slow defrost process.

Place one CD in a plain plastic bag and place this bag in the domestic deep freezer overnight. When you remove the CD from the freezer, allow it to return to room temperature very, very slowly. You can achieve a slow defrost quite easily by wrapping it in a towel or blanket. Listen to the CD which has been through the freezing process first and then see if you can listen to the other (unfrozen) CD with the same pleasure !! Putting the previously frozen CD through the freezing/slow defrost process a second time gives you a further improvement in the sound.

Impossible to distinguish from satire. Or reality.
link to this extract

Only around 15% of WP 8.1 users to upgrade to Windows 10 Mobile? » All About Windows Phone

Steve Litchfield:

There’s something of a blanket assumption that everyone currently using Windows Phone 8.1 will upgrade to Windows 10 Mobile – after all, Microsoft has been promising that ‘majority’ of users will join the Window 10 ecosystem. But, after a few recent experiences of mine with budget devices, I thought it worth sounding a note of caution and reality – I’d put money on the actual conversion numbers to Windows 10 Mobile being significantly less than 50% and maybe as low as 15%.

He tested trying to update to Windows 10 Mobile on wiped-clean Lumias. It wasn’t great. Why? Storage: some of those low-end phones just won’t have the spare space – especially for those with any apps installed.
link to this extract

Tech world prepares obituary for Adobe Flash » WSJ

Robert McMillan:

in 2007, along came the iPhone. Adobe engineers embraced it immediately. “Everyone who was in the organization was carrying an iPhone,” said Carlos Icaza, an Adobe senior engineer at the time.

But Apple’s smartphone also troubled Mr. Icaza, who was in charge of Flash development on mobile phones. Flash had become bloated over the years and required lots of computing power to run. That wasn’t a big deal on PCs, but on mobile phones, with their limited battery life, it was a major problem, and Apple had opted not to support the technology.

Flash needed a major rewrite to work on the iPhone, but Mr. Icaza couldn’t get his superiors to allocate the necessary resources.

“For me, it was, ‘What the hell is going on? We have this amazing device that is going to change the world and everybody knows it,’” he said in an interview. “Nobody at the organization was trying to make Flash work on this device.”…

…Adobe itself now considers Flash to be immaterial to its business, meaning that it accounts for less than 5% of company revenue, but it is still widely used on websites built for browsers. The software runs on under 6% of the Internet’s home pages and its use is declining, according to BuiltWith Pty Ltd, which tracks Internet technology.

You don’t hear that 6% stat thrown around much, do you?
link to this extract

I tried all the apps that are supposed to mend a broken heart » Fusion

Kristen Brown:

A few months into the relationship I’d asked Siri to remember which of the many Johns* [*his name wasn’t John] in my contacts was the one I was dating. At the time, divulging this information to Siri seemed like a big step — at long last, we were “Siri Official!” Now, though, we were Siri-Separated. Having to break the news to my iPhone—my non-human, but still intimate companion—surprisingly stung.

Siri wasn’t the only screen-based trial of my break-up. Our relationships now exist across networked webs of digital connections, webs that we build up each time we begin a new romance and then must painfully break down when one ends. When I flicked open my laptop at work, the bottom-right corner was empty where a Google chat had previously sat waiting for me. Notifications of unread Snapchat messages used to lead to goofy photos of John, but now they’re just, disappointingly, announcements from Team Snapchat. Every time I send a note to a particular group of friends, Google’s algorithm suggests I add John to the e-mail thread.

Our relationship was the digital equivalent of moving in together, and now painful memories of him were scattered all over my online home. Technology was making my heartache worse, but that’s not how these things are supposed to work: Technology is supposed make our lives easier, so I sought out tech fixes for a broken heart.

link to this extract

Online cheating site AshleyMadison hacked » Krebs on Security

Brian Krebs:

In a long manifesto posted alongside the stolen ALM data, The Impact Team said it decided to publish the information in response to alleged lies ALM told its customers about a service that allows members to completely erase their profile information for a $19 fee.

According to the hackers, although the “full delete” feature that Ashley Madison advertises promises “removal of site usage history and personally identifiable information from the site,” users’ purchase details — including real name and address — aren’t actually scrubbed.

“Full Delete netted ALM $1.7mm in revenue in 2014. It’s also a complete lie,” the hacking group wrote. “Users almost always pay with credit card; their purchase details are not removed as promised, and include real name and address, which is of course the most important information the users want removed.”

Their demands continue: “Avid Life Media has been instructed to take Ashley Madison and Established Men offline permanently in all forms, or we will release all customer records, including profiles with all the customers’ secret sexual fantasies and matching credit card transactions, real names and addresses, and employee documents and emails. The other websites may stay online.”

link to this extract

The Apple Watch review » Anandtech

Joshua Ho and Brandon Chester:

Although this is a review of the Apple Watch, the Apple Watch will ultimately be quickly forgotten with the launch of future iterations of the Apple Watch. After all, Apple is not trying to sell the world on the idea of a smarter watch, but the idea of a watch altogether.

For those still deciding on whether the first Apple Watch makes sense, I have no reservations in saying that it’s the best wearable I’ve ever used. However, at the same time I find it hard to recommend this first-generation Apple Watch. It’s clear that there are far too many obvious areas to improve upon, areas where Moore’s law will help to dramatically improve the experience. In the case of smartphones, Moore’s law made it possible to deliver true all-day battery life and fluid app performance. After spending a few months with the Apple Watch, all I can see is a need for more compute and battery life, like what happened with smartphones.

Finally, we get back to the question of whether Apple will be sell people on the concept of a watch. In the months since I first used the watch I’ve ended up wearing it every day. I distinctly noticed its absence when I forgot the charger on a trip. I don’t know if Apple will succeed in convincing others of the utility of a watch, but they’ve definitely convinced me.

To the despair of graph-lovers everywhere, the authors declare that they can’t figure out a standard method for testing battery life, because you can configure the Apple Watch and Android Wear to behave so differently on notifications. But I agree with their conclusion – what you begin to notice, increasingly, over time is the utility.
link to this extract

Dropdowns should be the UI of last resort » LukeW

Luke Wroblewski:

No one likes filling in forms. And the longer or more complicated a form seems, the less likely we are to jump in and start filling in the blanks -especially on small screens with imprecise inputs (like our fingers).

While there’s two extra fields in the “painful” version above, the primary difference between these two flight booking forms is how they ask questions. One makes use of dropdown menus for nearly every question asked, the other uses the most appropriate input control for each question.

Dropdowns really are a pain, but it takes this post to point out quite why. There’s a longer writeup with links to video clips too.
link to this extract

Start up: Google and real accident rates, who really buys iPods?, Reddit and trolls, and more

Posted on July 20, 2015 by charlesarthur

Apple Music is available if you’re running iOS 8.4. Photo by danielooi on Flickr.

A selection of 7 links for you. Do you feel lucky? Well, do ya, punk? I’m charlesarthur on Twitter. Observations and links welcome.

Apple Music adoption » Mixpanel Trends

This is amazing: from 29 June, when iOS 8.4 was released (bringing Apple Music), Mixpanel’s measurement suggests that it passed 50% of all installed iOS devices by 16 July. That’s less than three weeks. It’s gaining about 1% per day. There has to be an upper limit, but it’s pretty high – 84% of devices are running iOS 8.

This also means, if Mixpanel is representative, that about 200m devices could already be able to try Apple Music.
link to this extract

The view from the front seat of the Google self-driving car, chapter » Medium

(That’s Google’s SDC being rear-ended on July 1 in the right-hand lane: the car causing the crash doesn’t even brake.)

Chris Urmson, who leads Google’s SDC effort:

National crashes-per-miles-driven rates are currently calculated on police-reported crashes. Yet there are millions of fender benders every year that go unreported and uncounted — potentially as many as 55% of all crashes, according to the National Highway Traffic Safety Administration. (None of the accidents in which people hit us resulted in a police report — not even the July 1 crash, even though the police were on site.) Furthermore, the numbers that are available don’t distinguish between miles-driven before causing a crash vs simply being involved in one. This all means no one knows the real crashes-per-miles-driven rates for typical American streets.

link to this extract

Who’s actually buying iPods these days? » BirchTree

Former Target manager Matt Birchler:

Kids would buy (or their parents would buy for them) the iPod Touch because of 3 things:

• It played games (Minecraft, mostly)
• It had YouTube
* It could stream music

A lot of families stopped buying iPod Touches once the iPad Mini got down to the $249 price point. You get a lot more device for your buck, and Touch sales dropped off very quickly. I could go on and on about this, but young kids love iPads more than most of us 20-30 somethings can imagine.

You also see more and more kids just using a hand-me-down smartphone that the parents have since upgraded from.

And then there were older people who bought Touches. They were more rare, but they were people who wanted something to FaceTime with their kids/grandkids. Maybe they wanted to use a couple apps they had heard about, but didn’t want to pay the ridiculous data fees to get them on a smartphone. This was a much smaller market, and many of them would end up buying an iPod Nano (for reasons I’ll address in the next section).

Nano and Shuffle had very different audiences. I asked who used to buy the Classic; his reply: “You’d be shocked how few were sold. Let’s just say it’s too few for me to draw any real conclusions.”
link to this extract

HTC won’t ship the Grip after all, but its fitness ambition lives on » Engadget

Chris Velazco:

Hey, remember that time HTC built a fitness tracker (with a little help from Under Armor) and showed it off in Barcelona? The one that was originally slated for a Spring launch? Well, we’re knee-deep in Summer already, and the company just confirmed to us that it no longer plans to ship the Grip we’ve already seen. As a spokesperson put it, the company “decided to align Grip with the entire product portfolio for health and fitness launching later this year” after “extensive wear testing and user feedback.” In other words, the exact Grip we saw in Spain won’t hit the market, but something better will.

Uh-huh. Let’s see how this progresses. HTC made the right call putting off its smartwatch (pre-announced in February 2014); this would also be a tough sell when it’s losing money. Problem is, how do you make money except with new things?
link to this extract

How iCloud Drive deletes your files without warning » Michael Tsai

Tsai quotes Mark Jaquith:

let’s say that, on your shiny new Mac, you want to move these files from iCloud Drive to your local hard drive, or to another synced drive like Google Drive or Dropbox. Well, you can just drag their folders do the other destination, right? You sure can. Apple kindly warns you that your dragging action is moving that folder, and that the files will be moved to your Mac, and won’t exist on iCloud Drive anymore. Fine. That’s what dragging a file from one place to another generally does!

But what happens if there are files inside this folder that haven’t yet synced to your local machine? Well, the move operation will be slower, because your Mac has to first download them from iCloud Drive. But once they download, they’ll be in their new location. Right?

Nope. Those files are now gone. Forever.

Tsai then follows up to show that Apple knows about this – though also pulls together other comments, including one from an ex-Apple services employee, showing that this problem is known internally, but it is being starved of funding.
link to this extract

Former Reddit CEO Ellen Pao: the trolls are winning the battle for the Internet » The Washington Post

To understand the challenges facing today’s Internet content platforms, layer onto that original balancing act a desire to grow audience and generate revenue. A large portion of the Internet audience enjoys edgy content and the behavior of the more extreme users; it wants to see the bad with the good, so it becomes harder to get rid of the ugly. But to attract more mainstream audiences and bring in the big-budget advertisers, you must hide or remove the ugly.

Expecting internet platforms to eliminate hate and harassment is likely to disappoint. As the number of users climbs, community management becomes ever more difficult. If mistakes are made 0.01% of the time, that could mean tens of thousands of mistakes. And for a community looking for clear, evenly applied rules, mistakes are frustrating. They lead to a lack of trust. Turning to automation to enforce standards leads to a lack of human contact and understanding. No one has figured out the best place to draw the line between bad and ugly — or whether that line can support a viable business model.

The basic problem is that we remember the vicious words and acts more than the kind ones; possibly we’re evolutionarily set out that way.
link to this extract

Dozens of phone apps with 300M downloads vulnerable to password cracking » Ars Technica

Dan Goodin:

many smartphone apps still allow users to make an unlimited number of login attempts. That failure allows attackers to cycle through long lists of the most commonly used passwords. Given the difficulty of entering strong passwords on smartphone keyboards, it’s a likely bet that it wouldn’t be hard to compromise a statistically significant number of accounts over a period of weeks.

According to research from smartphone security firm AppBugs, dozens of Android and iPhone apps downloaded more than 300 million times contain no limits on the number of logins that can be attempted. Per the company’s disclosure policy, researchers give app developers up to 90 days to fix vulnerabilities before making them public. That means most of the 50 or so apps identified by AppBugs still aren’t being made public. Still, the grace period has expired on at least 12 apps, including those from CNN, ESPN, Slack, Expedia, Zillow, SoundCloud, Walmart, Songza, iHeartRadio, Domino’s Pizza, AutoCAD, and Kobo. Three other apps, from Wunderlist, Dictionary, and Pocket, were found to be vulnerable but were later fixed after AppBugs brought the weaknesses to the developers’ attention.

link to this extract

Start up: Apple Music’s likely effects, no Paypal in Greece, how Bitstamp was hacked, and more

Posted on July 3, 2015 by charlesarthur

Of 58 aboard, only 15 survived. But was the crash due to machine or human error?

A selection of 8 links for you. Use them wisely. I’m charlesarthur on Twitter. Observations and links welcome.

Why the next few months of Apple Music will throw up a few surprises » Music Industry Blog

Mark Mulligan:

As we revealed on our MIDiA Research report on Apple Music back in March 28% of iOS users stated they were likely to pay for the service. Among downloaders the rate is 39% and for existing subscribers that rate rises to 62%. Consumer surveys of course always over-report so we shouldn’t expect those rates of paid adoption but the relative values are interesting nonetheless.

Given that 50% of existing subscribers are iOS users the implications are that a big chunk of Spotify et al’s subscribers will at the very least try out Apple’s 3 month trial, which is plenty enough time to get build a comprehensive library of playlists and to get hooked. But there is also going to be a big wave of downloaders that do not currently subscribe that will try it out.

As the iOS 8.4 update virtually pushes iTunes Music users into starting the trial on updating, expect pretty widespread uptake of the trial. Apple reached 11 million users for iTunes radio within 5 days of launch, 21 million within 3 months. Apple Music has had a far bigger build up and is much more deeply integrated into iOS so a fairly safe bet is that those numbers will at the very least be matched.

It’s getting people to pony up that’s hard. Adding Android users (with Apple Music for Android in autumn) might just be the icing on the cake; iOS is where the numbers and easy money will be.

Mulligan points to other surprises too – read on there.

Reddit’s AMA subreddit down after Victoria Taylor departure » Business Insider

Biz Carson:

The iAMA and Science subreddits both were set to private today after Reddit’s director of Communications, Victoria Taylor was allegedly dismissed. In a Reddit thread about her departure, she replied that she was “dazed” and “hopefully” plans to stay in the PR field.

Reddit and Taylor have not yet responded to request for comment.

One of Taylor’s job duties was coordinating the site’s popular AMAs. Two of the site’s most popular posts ever are AMAs: the one with Barack Obama and a conversation with a man with two penises. The AMA subreddit became such a popular section of the site that Reddit eventually spun it out into its own app.

Something’s up at Reddit; it’s either going to come through this much stronger, or run into the sand.

40 states line up with Mississippi in Google Adwords pharma scrap » The Register

Andrew Orlowski:

Attorneys General representing 40 US states have filed an amicus brief backing Mississippi attorney general Jim Hood’s investigation into Google.

In December, the giant multinational sued the state of Mississippi after it had opened an investigation into Google’s business practices (claiming Hood’s complaints did not come under state law jurisdiction), and earlier this year a District Court froze this investigation.

The attorneys say if the freeze is upheld, it will have a chilling effect on investigative subpoenas across the US.

Hood’s 79-page subpoena inquires mainly into Google’s advertising practices, focussing on the sale of illegal and controlled substances.

Four pages consist of inquiries into how Google deals with IP enforcement. It follows from a 2011 non-prosecution agreement (NPA) between Google and the FBI, the FDA and Rhode Island into rogue drug traffickers, who used Google Adwords to move their wares. Google agreed to a $500m fine, $230m of which was funnelled to Rhode Island.

The NPA lapsed in 2013, three months early, with no indication from Federal authorities that Google had actually complied. That’s when the states got serious.

This is an odd case. Hood comes across as a little obsessed (but is that bad in a lawman?), but Google comes across as vindictive – and not a little defensive.

Bitstamp Incident Report (PDF) » Bitstamp

The bitcoin exchange had 18,000 BTC, worth (then) about $5m, stolen:

On 9 December 2014, Bitstamp’s Systems Administrator, Luka Kodric, received a phishing email to his Gmail account. Unlike some of the others targets, Kordic did have access to Bitstamp’s hot wallet. The email header had been spoofed to appear as if it had been sent from konidas@acm[.]org, although it was actually received from a Tor exit node [the email chain and header details can be seen in full at Appendix A].

ACM is the Association for Computing Machinery, which describes itself as the world’s largest educational and scientific computing society. The sender was offering Mr. Kodric the opportunity to join Upsilon Pi Epsilon (UPE), the International Honour Society for the Computing and Information Disciplines.

The UPE site is hosted within the acm.org domain. On 11 December, as part of this offer, the attacker sent a number of attachments. One of these, UPE_application_form.doc, contained obfuscated malicious VBA script. When opened, this script ran automatically and pulled down a malicious file from IP address 185.31.209.145, thereby compromising the machine.

As the security researcher The Grugq observed, “Computer security is such an unsolved problem that Bitstamp lost $5m because someone had macros enabled in Microsoft Word.”

The (slight) rise of _nomap » OpenSignal blog

Samuel Johnson, on OpenSignal’s checking of how many Wi-Fi networks added the suffix “_nomap” to stop Google mapping their location:

This graph also shows a rise beginning at the end of 2013 and continuing into 2014. Edward Snowden’s revelations about the NSA’s privacy incursions occurred during the summer of 2013 – and so it is possible that the heightened awareness about privacy issues could have led to more people taking care that Google was not recording their Wi-Fi hotspot. However, compared to the number of global Wi-Fi networks detected by OpenSignal, it is clear that the number that adopted Google’s solution is very small.

So why is this? Obviously it was deeply concerning that Google were tracking payload data – but it is not in itself concerning that they are collecting Wi-Fi SSIDs (after all, this is what we at OpenSignal do). Those technologically savvy enough to have followed the story (and continued to do so months after the initial outburst of outrage) will know that Google had publicly pledged to stop tracking Wi-Fi payload data, and so any appending _nomap to their Wi-Fi hotspots would not make any difference to that.

We’ve finally hit the breaking point for the original Internet » The Washington Post

Brian Fung:

It’s finally happened. The North American organization responsible for handing out new IP addresses says its banks have run dry.

That’s right: ARIN, the American Registry for Internet Numbers, has had to turn down a request for the unique numbers that we assign to each and every smartphone, tablet and PC so they can talk to the Internet. For the first time, ARIN didn’t have enough IP addresses left in its stock to satisfy an entire order — and now, it’s activated the end-times protocol that will see the few remaining addresses out into the night.

The end of IPv4 has been forecast for a few years now. Looks like it’s actually going to happen, and we’ll move to IPv6.

PayPal no longer works in Greece—and why that matters » Quartz

Shelly Banjo:

Adding to their list of woes, Greeks can no longer use their PayPal accounts.

Limits on how much money Greeks can take out of banks put in place by their debt-stricken government as it negotiates with lenders have effectively crippled the online payment service, which relies on traditional banks and credit cards to transfer money.

According to a PayPal spokesman:

Due to the recent decisions of the Greek authorities on capital controls, funding of PayPal wallet from Greek bank accounts, as well as cross-border transactions, funded by any cards or bank accounts are currently not available. We aim to continue serving our valued customers in Greece in full, as we have for over a decade.

Except that they can’t serve their valued customers. So, why does it matter?

PayPal’s shutdown in Greece reminds us how difficult it is to disintermediate banks from the flow of money.

Well duh. Did you think it was all going to bitcoin? As the Bitstamp link above shows, good luck with that.

Faulty credit card-sized connector led to crash of 20-tonne plane » Bloomberg Business

Tim Culpan:

A faulty connector about the size of a credit card helped trigger a series of mechanical and human failures that led to the crash of a 20-ton aircraft in February, killing 43 people, investigators in Taiwan found.

Microscopic tests of a soldered connector joint on the TransAsia Airways Corp. plane engine showed potential cracking, and the connector failed post-crash tests, the Aviation Safety Council said in a report today.

That failure is at the heart of why the ATR72 twin-propeller plane incorrectly sounded a cockpit warning and an engine adjustment known as autofeather. That set in motion a series of pilot errors that eventually crashed the aircraft into a downtown Taipei river Feb. 4.

The autofeather made the engine ineffective. Pilot error then played a big part: they shut down the other engine, wrongly thinking it was the affected one.

How do you design faults like those out of a system? First the machines screw up, then the humans.