2017-02-14


They’re lying in wait. Damn hackers. Photo by robertodevido on Flickr.

You can now sign up to receive each day’s Start Up post by email. You’ll need to click a confirmation link, so no spam. (Tell your friends too. Or, if you’re like that, your enemies.)

A selection of 13 links for you. Use them wisely. I’m @charlesarthur on Twitter. Observations and links welcome.

University attacked by its own vending machines, smart light bulbs & 5,000 IoT devices • Network World

“Ms Smith”:

»

Today’s cautionary tale comes from Verizon’s sneak peek (pdf) of the 2017 Data Breach Digest scenario. It involves an unnamed university, seafood searches, and an IoT botnet; hackers used the university’s own vending machines and other IoT devices to attack the university’s network.

Since the university’s help desk had previously blown off student complaints about slow or inaccessible network connectivity, it was a mess by the time a senior member of the IT security team was notified. The incident is given from that team member’s perspective; he or she suspected something fishy after detecting a sudden big interest in seafood-related domains.

The “incident commander” noticed “the name servers, responsible for Domain Name Service (DNS) lookups, were producing high-volume alerts and showed an abnormal number of sub-domains related to seafood. As the servers struggled to keep up, legitimate lookups were being dropped—preventing access to the majority of the internet.” That explained the “slow network” issues, but not much else.

The university then contacted the Verizon RISK (Research, Investigations, Solutions and Knowledge) Team and handed over DNS and firewall logs. The RISK team discovered the university’s hijacked vending machines and 5,000 other IoT devices were making seafood-related DNS requests every 15 minutes.

«


One reason staffers quit Google’s car project? The company paid them so much • Bloomberg

Alistair Barr and Mark Bergen:

»

The unorthodox system started in 2010, soon after Google unveiled its first self-driving vehicle. It was constructed to tie employees’ fortunes to the performance of the project, rather than Google’s advertising money machine. In addition to cash salaries, some staffers were given bonuses and equity in the business and these awards were set aside in a special entity. After several years, Google applied a multiplier to the value of the awards and paid some or all of it out. The multiplier was based on periodic valuations of the division, the people said.

The precise metrics that the division was measured by – and caused the bonuses to balloon – are not known. But by 2015, the Google car project had come a long way: Google’s vehicles had logged more than one million autonomous miles; car companies including Toyota Motor Corp. and Tesla Inc. announced their own plans to develop autonomous systems; and analysts predicted the technology would transform the auto industry.

A large multiplier was applied to the compensation packages in late 2015, resulting in multi-million dollar payments in some cases, according to the people familiar with the situation. One member of the team had a multiplier of 16 applied to bonuses and equity amassed over four years, one of the people said. They asked not to be identified talking about private matters.

Part of the problem was that payouts snowballed after key milestones were reached, even though the ultimate goal of the project – fully autonomous vehicles provided to the public through commercial services – remained years away.

«

Tricky to find the right financial package when real payoff could be years away, but you want to prevent them heading off to a startup.

Tech and the Fake Market tactic • Medium

Anil Dash:

»

These new False Markets only resemble true markets just enough to pull the wool over the eyes of regulators and media, whose enthusiasm for high tech solutions is boundless, and whose understanding of markets on the Internet is still stuck in the early eBay era of 20 years ago.

Fake markets don’t just happen in traditional products and services — they’re coming to the world of content and publishing, too. Publishers are increasingly being incentivized to use platforms like Facebook’s Instant Articles and Google’s AMP format. Like Uber’s temporarily-subsidized cheaper prices and broader access to ride hailing, these new publishing formats do offer some short-term consumer benefits, in the form of faster loading times and a cleaner reading experience.

But the technical mechanism by which Facebook and Google provide that faster reading experience happens to incidentally displace most of the third-party advertising platforms — the ones that aren’t provided by Facebook and Google themselves. Facebook publishers who use these new distribution channels are incentivized to use Facebook’s advertising platform, where payment rates and profit margins can be unilaterally changed at any time. Just as Uber subsidizes fares during the phase when they’re displacing regulated taxis, Facebook subsidizes publishers’ ad rates during the phase when they’re displacing third-party advertising networks.

«


Apple suspends sales of LG UltraFine 5K monitor • Business Insider

Steve Kovach:

»

We were able to confirm that Apple ordered the sales suspension by calling a representative at an Apple Store in New York. The representative also confirmed there’s a hardware issue with the new monitor.

Our source says Apple Store employees were instructed this weekend to continue to display the LG monitors on the show floor but not sell them if a customer wants one. Apple’s online store listed the monitor as shipping within five to six weeks as of Monday morning.

Apple helped LG develop the UltraFine monitor and launch it with the new MacBook Pro. But since the monitor’s launch, there have been reports of problems such as screen flickering, interference with nearby routers, and other issues. There’s an entire thread of the problems documented on this MacRumors forum.

«

What a mess this has been. Apple lets LG design the thing, and it’s a complete goatscrew.

Oroville dam spillway failure • Metabunk

Mick West:

»

Officials are warning those living downstream of Lake Oroville’s dam to evacuate because of a risk the dam’s emergency spillway could collapse.

“They have what they expect to be an imminent failure of the auxiliary spillway,” said Mike Smith, a spokesman for the California Department of Forestry and Fire Protection. “What they’re expecting is as much as 30 vertical feet of the top of the spillway could fail and could fail within one to two hours. We don’t know how much water that means, but we do know that’s potentially 30 feet of depth of Lake Oroville.”

The Department of Water Resources, which operates the dam, urged said at around 4:45 the emergency to fail within the next hour. Oroville residents evacuate northward.



«

It would be remiss for a site called The Overspill not to note this occasion. California has swung from drought to deluge; an effect of global warming, which puts more energy into the atmospheric system, which (rather like putting more energy into any system) makes it more unpredictable and energetic.

The comments on the post capture far more about what happened.

You should ignore the GSMA’s “Advanced Messaging”, RCS & “Universal Profile” • Disruptive Wireless

Dean Bubley:

»

Expect the MWC announcements to talk breathlessly about how this is going to enable “Messaging as a Platform” (MaaP), and there will likely be some dubious-seeming big numbers mentioned. Any claims of “XXXmillion active users” should be *very* carefully questioned and analysed – what actually counts as use? There will be a lot of spin, painting what is essentially legacy SMS usage with a new app, as RCS. Daily is much more relevant than monthly data here.

Most probably, you’ll hear lots of hype and PR noise about “mobile operators winning back against the OTTs”, or “people won’t need to download apps”, or “everyone is fed up of having 17 messaging apps”. You’ll hear that it can use network-based QoS, which is great for VoLTE primary-telephony calls, but irrelevant otherwise. Vendors will probably say “well you’ve got an IMS for VoLTE so you should sweat the assets and add extra applications”.

We might even get an announcement about “advanced calling”, which is a way to improve phone calls with pre/mid/post-call capabilities (not actually a bad idea if done well) but force-fitted to use RCS rather than a more pragmatic and flexible approach (which is a very bad idea, and likely executed very poorly).

So ignore it. There are no customers, no use-cases, and no revenues associated with “advanced messaging”. It’s the same pointless RCS zombie-tech I’ve been accurately predicting would fail for the last decade. It’s still dead, still shambling around and still trying to eat your brain. It’s managed to bite Google and Samsung, and they’ll probably try to infect you as well.

«


Jaguar Land Rover suspends all UK online advertising following terror accusations • Driving.co.uk

Will Dron:

»

Ads for the Jaguar F-Pace (pictured) and Mercedes-Benz E-class have both appeared on YouTube next to a pro-Isis video that had been viewed more than 115,000 times, but has since been removed by the video sharing website.

An ad for Honda has appeared on extremist videos posted by supporters of groups that include Combat 18, a violent pro-Nazi organisation, and an authorised Nissan dealer’s adverts appear on the official YouTube channels of far-right parties including the British National Party and the English Defence League.

Mercedes said it had asked its media agencies to “review and if necessary update” the blacklist of website terms it uses to prevent ads from appearing in inappropriate places. Honda also said it has a blacklist and that the adverts in question were not placed by Honda UK.

«

Well of course not, Honda, but that makes little difference.

Samsung reportedly signs deal with Apple to make 160 million OLED panels for iPhone 8 • 9to5Mac

Benjamin Mayo:

»

Samsung has signed a deal with Apple to make 160 million OLED panels for the company’s next-generation iPhone, according to the Korea Herald. The iPhone 8 will likely debut in the fall with an OLED screen and Apple needs all the panels it can get for its new flagship phone.

The iPhone 8 is expected to distance itself from the iPhone 7 with a radical new all-glass design, an OLED screen between 5.2-5.8 inches, wireless charging. Rumors indicate the phone will have almost no bezels with the Touch ID home button somehow integrated into the screen.

In 2016, Apple and Samsung had already agreed a 100 million unit deal. According to this latest report, the company has extended its manufacturing agreement and now wants Samsung to provide 160 million panels. A timeframe for the delivery is not specified in the report, unfortunately.

«

And just to round out your iPhone 8 rumour points…

Apple joins Wireless Power Consortium/Qi, lending weight to rumor of wireless charging for iPhone 8 • 9to5Mac

Ben Lovejoy:

»

Long-running rumors that Apple will add wireless charging to the iPhone 8 have been lent additional weight with the news that the company has joined an industry group devoted to wireless power.

Apple is now listed as one of the 213 members of the Wireless Power Consortium. It was not present in a cached version of the page from a week ago.

While early rumors suggested that Apple was holding out for long-range charging, without the need to place the iPhone on a charging pad, those hopes appear to have been dashed by more recent reports. These suggest that Apple will, like other manufacturers, use simple inductive charging.

One of those reports even indicated that Apple will not include a charger in the box with the iPhone, instead offering it as an optional accessory at extra cost.

While Apple may indeed have been aiming for long-range RF charging, IHS Technology analyst Vicky Yussuff says that the company couldn’t wait any longer.

The success of wireless charging adoption from Apple’s competitors is something that Apple can no longer ignore. IHS Technology consumer survey data shows over 90% of consumers want wireless charging on their next device.

«

The Apple Watch uses Qi charging, but tweaked. One assumes the iPhone 8 will follow suit. *Sherlock Holmes voice* So, Watson, what does this tell us about the future for the Lightning port?

Inside the meltdown of Evan Williams’ startup, Medium • Business Insider

Julie Bort:

»

All the people Business Insider spoke to agreed: They admire and like [former Blogger founder, Twitter co-founder and Medium founder Ev] Williams. He’s a hard worker — first one in the office, last one to leave.

Employees said they loved their jobs. It wasn’t just the perks like free lunch and on-site meditation sessions; their CEO also treated them as a doting parent would.

“He’s an amazing person to work with,” an employee said. “He challenged me in ways I didn’t think were possible.”

Williams listens carefully to ideas, then helps an employee look at a situation from a new perspective. He encourages experimentation and doesn’t penalize failure.

But Williams and his right-hand strategy man, Ed Lichty, were also both described as “nonconfrontational” to a fault. They didn’t have the “hard conversations” or do ongoing course corrections to build a sustainable business, multiple people said.

Their messages to the staff were so consistently upbeat — and the startup was so well funded — that employees felt complacent, people told us. (Lichty, who has been with Medium for four of its five years, is also leaving, multiple people said. Medium declined to comment.)

Yet this was the second time they changed business models. Medium had previously toyed with being a publication itself, hiring writers and editors. Then it shuttered that effort. Employees were asked to voluntarily resign or relocate to other jobs.

Even if Williams finally gets the business model right, at this point he would have to rebuild trust and credibility in the media world.

«

Might be able to imagine one happening, but not both. It’s a shiny car, but it hasn’t got an engine.

ComScore reports $109bn in Q4 2016 total digital US retail e-commerce spending • ComScore

»

comScore today reported Q4 2016 U.S. retail e-commerce spending from desktop computers and mobile devices. For Q4 2016, $109.3bn was spent online, marking an 18% increase versus the same quarter in 2015. The majority of online buying occurred on desktop computers, with $86.6bn spent, up 13% vs. year ago. Meanwhile, m-commerce spending on smartphones and tablets contributed $22.7bn, with a significantly higher year-over-year growth rate than desktop at 45%.

«

Let me save you the calculation: on that basis, mobile spending would overtake desktop in about six years. More likely though is that something brings growth to a stop for both.

Hugs and databases: in memory of Hans Rosling • World Bank Data Blog

Tariq Khokhar:

»

Rosling, trained as a statistician and physician in the late 1970s, spent two decades studying outbreaks of konzo in rural areas across Africa. It was only in the 2000s he turned his attention to another type of disease – one which prevents knowledge locked away in datasets from being put to work for the public good.

He called it “Database Hugging Disorder” or “DBHD.” And the World Bank, along with other development organizations, had a chronic case of it.

Hans’ relationship with the Bank was initially adversarial. At the time, the institution’s business model for data relied on selling subscriptions to databases to fund their production. While of great interest, access to most of the Bank’s data was limited to those who could afford to pay for it.

Rosling’s quest to set data free was always a family affair. His son Ola and Ola’s wife Anna once joined him on a trip to DC to meet Shaida Badiee – then head of the Bank’s Data Group. Anna tells me they’d gone to discuss ways of making more of the Bank’s data freely available, but that the conversation turned to better ways of presenting data.

Hans asked Anna to show off some new animated bubble charts she and Ola had been working on. “Her eyes went wide,” said Anna, “Shaida got up and just hugged me with joy.” In all the time she’d worked with development data, Shaida tells me she’d never seen anything that helped bring it to life like that. She immediately offered to make the Bank’s data available to Hans’ team if the Bank could make use of the bubble charts on its own website. Hans’ response? No deal. The data should be freely available for everyone to use.

«

And now, it is.

Making More Outside The App Store • Rogue Amoeba

Paul Kafasis:

»

With the exception of our audio editor Fission, all of Rogue Amoeba’s apps are distributed and sold exclusively through our site. Popular tools like Audio Hijack and Airfoil provide concrete proof that products can thrive while never being sold through the Mac App Store. However, we have one application that followed a path similar to Dash’s. Our charmingly simple audio recording app Piezo was originally distributed in both the Mac App Store and via direct sales, but it has since left the App Store.

After seeing Kapeli’s chart, I was curious about the App Store’s impact on Piezo’s sales. The restrictions and limitations of the Mac App Store ultimately led us to remove Piezo on February 12th, 2016. We’ve now been selling it exclusively via our site for a year. This has provided about as perfect a real-world test case as one could hope for. Piezo’s removal came with minimal publicity, the price has remained constant at $19, and we’ve had no big updates or other major publicity for it in either 2015 or 2016.

So what do the numbers tell us? Here’s a chart showing unit sales for the last four quarters in which Piezo was sold through both the Mac App Store and directly via our website, as well as the subsequent four quarters when it was sold exclusively via direct sale.

[Chart: Piezo Units by Quarter]


The Mac App Store previously made up about half of Piezo’s unit sales, so we might have expected to sell half as many copies after exiting the store. Instead, it seems that nearly all of those App Store sales shifted to direct sales.

«

There has long been a shareware economy; the attempts by Apple (and subsequently Microsoft) to impose a mobile-style app store system onto that economy, and extract a publisher’s 30% cut, have only served to highlight that (1) search in app stores is woefully broken, (2) promotion in app stores isn’t as useful as word of mouth, and (3) 30% is a lot of money to give up in low-value transactions.

The Mac App Store might have been a nice idea if it had been there from day one – perhaps the problems with search might have been solved – but as a retrofit, it’s doomed.

Errata, corrigenda and ai no corrida: none notified
