Shared posts

17 Apr 12:10

AI:s lilla hemlighet: det drivs av människor

by Jonas Söderström


Okvalificerade arbeten som bara innehåller enkla, repetitiva moment var något vi förknippade med gamla tiders industrijobb. Som att stansa samma hål i en plåt 800 gånger per dag, eller liknande.

Det digitala samhället har dock inte befriat oss från lågbetalda och monotona jobb. Men nu handlar det till exempel om att för några ören klicka på bild efter bild efter bild som innehåller en bil, eller något annat objekt – med syftet att träna ”AI”, dvs maskinlärnings-algoritmer, med basdata.

”Digital microwork” utförs främst i fattiga delar av världen. Artikeln AI’s dirty little secret: It’s powered by people (5 mars 2018) visar fascinerande bilder av digital arbetsmiljö* i Venezuela och Indonesien.

Viktigt att komma ihåg att även en låg ersättning kan vara en viktig inkomst i fattiga delar, och även ett enformigt jobb är bättre och säkrare än många alternativ.

Men kommer inte även dessa jobb att försvinna snart? Kanske inte: så länge priset kan pressas ner kan det förmodligen löna sig att fortsätta använda människor. Riskkapitalisten som intervjuas i artikeln ser att människor kommer att finnas med i AI-utvecklingen ”for a long, long, long time to come”. Och han ser ”billions of dollars of opportunity” i att låta lågbetalda människor driva AI.

*Kom ihåg definitionen av digital arbetsmiljö: alla förhållanden i arbetet där man styrs av eller interagerar med digitala system.

17 Apr 07:03

Zillow, Aggregation, and Integration

by Ben Thompson

Last Friday something truly remarkable happened: a public company that had grown its valuation from $539 million to nearly $7 billion in seven years announced it was changing its business model. The company was Zillow, and the stock market quickly put a price on how big of a risk the company was taking; from CNBC:

Zillow shares plunged 9 percent on Friday after the online real estate database company announced it will begin buying and selling homes, a capital-intensive endeavor. With Zillow’s new program, announced on Thursday, home sellers in the test markets of Phoenix and Las Vegas will be able to use Zillow’s platform to compare offers from potential buyers — and Zillow. When Zillow purchases a home, it will aim to quickly flip the home, making updates and repairs and listing it as soon as possible. An agent will represent Zillow in each transaction.

“We’re entering that market and think we have huge advantages because we have access to the huge audience of sellers and buyers,” Zillow CEO Spencer Rascoff said on CNBC’s “Squawk Alley.” “After testing for a year in a marketplace model, we’re ready to be an investor in our own marketplace.”

But investors are less enthusiastic. Flipping homes, a model that’s being utilized by start-up Opendoor, is very different than operating an internet marketplace. It carries additional risk associated with buying and selling homes and requires a hefty investment in operations. And it also potentially puts Zillow in direct competition with the realtors on its platform. Zillow sank $5, or 9.3 percent, to $48.77 as of mid-day on Friday, knocking more than $900 million off its stock market value.

That’s a lot of money to bet on…well, what exactly? What kind of company is Zillow today, and what kind of company does it hope to be in the future?

Zillow and Aggregation Theory

Last fall I refined Aggregation Theory by Defining Aggregators. To quickly summarize, I wrote that Aggregators as a whole share three characteristics:

  • A direct relationship with users
  • Zero marginal costs to serve those users
  • Demand-driven multi-sided networks that result in decreasing acquisition costs

This allows Aggregators to leverage an initial user experience advantage with a relatively small number of users into power over some number of suppliers, which come onto the platform on the Aggregator’s terms, enhancing the user experience and attracting more users, setting off a virtuous cycle of an ever-increasing user base leading to ever-increasing power over suppliers.

Not all Aggregators are the same, though; they vary based on the cost of supply:

  • Level 1 Aggregators have to acquire their supply and win by leveraging their user base into superior buying power (i.e. Netflix).
  • Level 2 Aggregators do not own their supply but incur significant marginal costs in scaling supply (i.e. Airbnb or Uber).
  • Level 3 Aggregators have zero supply costs (i.e. App Stores or social networks)

Where, then, does Zillow fit? It certainly has the hallmarks of an Aggregator: users go to Zillow directly to look for homes, Zillow incurs zero marginal costs to serve those users, and the company has created a two-sided market where its suppliers (home sellers) are incentivized to come onto the platform on Zillow’s terms in order to reach Zillow’s end users, thus making the platform more attractive to those end users.

The question of supply is more complicated; in North America real estate listings are gathered in hundreds of local multiple listing services (MLSs) run by local realtor associations, and access is restricted to brokers in that local region. Redfin got access to those listings by becoming a broker itself, but Zillow, at least at the beginning, relied on brokers uploading listings themselves — which they were willing to do, thanks to the userbase Zillow had already built up thanks in part to its Zestimate house valuation tool.

This was Aggregation Theory in action: gain users with a new kind of user experience, then leverage that user base to get suppliers to come onto your platform on your terms, further improving the user experience. And, eventually, Zillow was able to parlay that user base into direct access to those MLS services, first via the owners of Realtor.com, and then, when they pulled the agreement, via local MLSs and brokers directly who understood how important it was to stay on Zillow.

Interestingly, this means that Zillow arguably started out as a Level 3 Aggregator, and then stepped down to a hybrid of Level 1 and Level 2: cutting all of those deals is expensive, and the company does pay for the data, but it’s not exclusive by any means. And this, by extension, gets at why Zillow, despite having so many of the characteristics of an Aggregator, just doesn’t seem nearly as important as companies like Netflix or Airbnb or Facebook: it has accommodated itself to the real estate industry; it hasn’t transformed it.

The Real Estate Media Company

The first sentence in Zillow’s S-1 was its mission statement: “Our mission is to build the most trusted and vibrant home-related marketplace to empower consumers with information and tools to make intelligent decisions about homes.” In 2014, though, the company coined a new description for itself: a “real-estate media company.”

The occasion was the purchase of Trulia: both companies made money selling ads to real estate agents eager to get their listings at the top of the two real estate aggregators that were the top two starting points for real estate searches; by emphasizing they were both media companies Zillow could claim they both had many competitors and weren’t competitive with real estate agents all at the same time.

It also had the benefit of being true (until last week). The real estate business in North America has long been an expensive quagmire, for reasons I laid out when Zillow bought Trulia:

  • While real estate transactions in the aggregate are very frequent, for individual buyers and sellers they are very rare. Thus there is little incentive to push for a simpler solution.
  • A real estate transaction is usually the largest transaction most buyers and sellers will undertake, which makes them very risk averse and unwilling to try an unconventional service.
  • There is a lot of regulation and paperwork associated with a real estate transaction, where assistance is very valuable. And, as just noted, transactions are rare, which means there is little incentive to learn how to deal with said regulations and paperwork on your own.

Combine the reticence of consumers to push for change with the local realtor association-controlled MLSs, and a willingness by realtors to punish anyone changing the status quo (by not showing a house, or pointing out flaws that would kill a sale), and the best outcome for Zillow was to be an aggregator but not an integrator: the company was completely removed from the purchase process.

Integration and Aggregation

This gets at why Zillow, for all of its success, seems so underwhelming compared to other Aggregators. One of the key theories underpinning Aggregation Theory is Clayton Christensen’s Conservation of Attractive Profits, which I explored in the context of Netflix while developing the theory:

The Law of Conservation of Attractive Profits1 [was] first explained by Clayton Christensen in his 2003 book The Innovator’s Solution:

Formally, the law of conservation of attractive profits states that in the value chain there is a requisite juxtaposition of modular and interdependent architectures, and of reciprocal processes of commoditization and de-commoditization, commoditization, that exists in order to optimize the performance of what is not good enough. The law states that when modularity and commoditization cause attractive profits to disappear at one stage in the value chain, the opportunity to earn attractive profits with proprietary products will usually emerge at an adjacent stage.

That’s a bit of a mouthful, but the example that follows in the book shows how powerful this observation is:

If you think about it in a hardware context, because historically the microprocessor had not been good enough, then its architecture inside was proprietary and optimized and that meant that the computer’s architecture had to be modular and conformable to allow the microprocessor to be optimized. But in a little hand held device like the RIM BlackBerry, it’s the device itself that’s not good enough, and you therefore cannot have a one-size-fits-all Intel processor inside of a BlackBerry, but instead, the processor itself has to be modular and conformable so that it has on it only the functionality that the BlackBerry needs and none of the functionality that it doesn’t need. So again, one side or the other needs to be modular and conformable to optimize what’s not good enough.

Did you catch that? That was Christensen, a full four years before the iPhone, explaining why it was that Intel was doomed in mobile even as ARM would become ascendent.2 When the basis of competition changed away from pure processor performance to a low-power system the chip architecture needed to switch from being integrated (Intel) to being modular (ARM), the latter enabling an integrated BlackBerry then, and an integrated iPhone four years later.3

The PC is a modular system whose integrated parts earn all the profit. Blackberry (and later iPhones) on the other hand was an integrated system that used modular pieces.
The PC is a modular system whose integrated parts earn all the profit. Blackberry (and later iPhones) on the other hand was an integrated system that used modular pieces. Do note that this is a drastically simplified illustration.

More broadly, breaking up a formerly integrated system — commoditizing and modularizing it — destroys incumbent value while simultaneously allowing a new entrant to integrate a different part of the value chain and thus capture new value.

Commoditizing an incumbent's integration allows a new entrant to create new integrations -- and profit -- elsewhere in the value chain.
Commoditizing an incumbent’s integration allows a new entrant to create new integrations — and profit — elsewhere in the value chain.

This is exactly what is happening with Airbnb, Uber, and Netflix too.

This is the original piece of Aggregation Theory that was missing from last year’s Defining Aggregators: it is one thing to sit on top of an existing industry and, well, be a media company/lead generation tool. There have been a whole host of businesses that did exactly that, and while there is plenty of money to be made, without some sort of integration into the value chain of the industry itself they simply aren’t transformative. To put it another way, aggregation doesn’t transform value chains; integration does.

Why aggregation matters is that it is the means by which new integrations are achieved:

  • Netflix leveraged its position as an aggregator of video content into the integration of the customer relationship and content creation, undoing the integration of linear channels and content creation
  • Airbnb/Uber and other similar services integrate the customer relationship with the driver/homeowner relationship, undoing the integration of cars/property with payment
  • Google and Facebook integrated content discovery with advertising, undoing the integration of editorial and advertising

More broadly — and this really gets at why Zillow is different — Aggregators that change industries (including Aggregator-like Amazon and Apple that deal with physical goods) integrate the customer relationship with however it is their industry generates revenue; Zillow, on the other hand, was completely divorced from the home selling-and-buying process.

The Threat to Zillow — and the Opportunity

Again, not all companies need to be Aggregators, and as I noted at the beginning, Zillow has become a very successful company by getting half-way there. And, to return to that Daily Update about their purchase of Trulia, I didn’t think it was even possible for them to go all the way:

So then, perhaps this deal isn’t anticompetitive, but rather the key to building a company big enough to finally shake up the homebuying process? That’s Brad Stone’s argument in Bloomberg Businessweek…But remember, Zillow/Trulia are marketing tools; who is paying for that tool? Stone has the answer in the next paragraph:

The companies, which rely on advertising from real estate agents for the bulk of their revenues, are being careful about how they discuss the future of their combined efforts.

What Stone characterizes as “careful” I characterize “prudent” and “truthful”, because let’s be honest: Zillow/Trulia are not going to bite the hand that feeds them. Nor should they! It would be irresponsible to their shareholders, employees, and all their other stakeholders. It’s very easy to fantasize about disruption; it’s much more productive to simply follow the money. (This is why Redfin is the more interesting company in this space; they use their own network of real estate agents. It’s also why they are much smaller, despite having had a head start.)

This is why last week’s news was such a surprise, to me anyways; granted, Zillow had been experimenting with facilitating sales to investors, but to fundamentally change your capital structure, margin profile, and compete with your customers in one fell swoop feels like something else entirely — and Wall Street agreed!

I can, though, see where Zillow is coming from: no one thinks the North American real estate market is the way it is because that is somehow optimal or good for consumers; the only folks that benefit from the status quo are real estate agents that continue to collect 6% of the purchase price even as their responsibilities, particularly in the case of the buying agent, run in the opposite direction of their incentives. Zillow did well to capture a portion of that 6% for itself through its realtor ad model, but that only meant that Zillow was as dependent on the status quo as the realtors.

To be sure, Zillow has long been a better bet than Redfin, which has admirably IPO’d with a business that basically adds a tech layer (and thus superior lead generation) to a traditional real estate agency; the reality is that simply adding a tech layer doesn’t change industries — that requires new business models. This, though, is where Opendoor, the startup I wrote about in 2016, is compelling: buying houses with the click-of-a-button solves a major problem for sellers, the most disadvantaged party in the entire value chain under the status quo (and thus the most open to something new). And, by definition, it means the company (and competitors like OfferPad) are involved with the transaction that drives the value chain — the actual buying and selling of homes.

Make no mistake, the business model is risky, but that is another way of saying the potential return is massive as well: truly becoming a market maker for an industry that does $900 billion worth of transactions every year has massive upside. And, by extension, massive downside for the status quo — which again, includes Zillow. That is one reason to act.

Even so, that might not have been enough for Zillow to make such a shift: remember, this is a public company accountable to shareholders, and sometimes doubling down is the most prudent course of action. That, though, is why I spent so much time discussing integration: there is a massive amount of upside for Zillow in this move as well.

Remember, Zillow is in nearly every respect already an Aggregator: it is by far the number one place people go when they want to look for a new house, and at a minimum the starting point for research when they want to sell one. They own the customer relationship! What has always been missing is the integration with the purchase itself — until last week. Zillow is making a play to be a true Aggregator — one that transforms its industry by integrating the customer relationship with the most important transaction in its respective value chain — by becoming directly involved in the buying and selling of houses.

The Zillow Experiment

This absolutely could go sidewise: Zillow is already being hammered in the stock market — investors aren’t generally fans of high-margin companies entering low-margin businesses, with huge amounts of volatility risk to boot. Moreover, Zillow is embracing a model that, should it be successful, tears down the status quo: this will not only enrage Zillow’s customers, but also endanger Zillow’s primary revenue stream.

Here, though, Zillow’s status as an almost-Aggregator looms large: we now have years’ worth of evidence that realtors will do what it takes to ensure their listings appear on Zillow, because Zillow controls end users. It very well may be the case that realtors will find themselves with no choice but to continue giving Zillow the money the company needs to disrupt their industry.

I will certainly be watching closely: how Zillow fares will result in lessons that may be applicable broadly. Think of Spotify, for example: I was a bit bearish on the company last month because of the power of Spotify’s suppliers; the bull case is that Spotify’s ownership of the customer relationship will allow the company to build out the capability to sidestep the record labels even as the record labels can’t punish Spotify because they need them. That’s exactly what Zillow is testing right now: just how much power comes from being an Aggregator, and how much an industry can be transformed when that power is wielded.

  1. Later renamed the Law of Conservation of Modularity
  2. I have my differences with Christensen, but as I’ve said repeatedly my criticism comes from an attempt to build on his brilliant work, not tear it down
  3. As I’ve noted, the iPhone is in fact modular at the component level; the integration is between the completed phone and the software. Not appreciating that the point of integration (or modularity) can be anywhere in the value chain is, I believe, at the root of a lot of mistaken analysis about the iPhone in particular
16 Apr 08:53

When a reporter is murdered, we must take over their investigation | Laurent Richard

You killed the messenger. But you won’t kill the message.

Over the past six months 45 journalists from 15 different countries have been working in secret to complete and publish investigations by the Maltese journalist Daphne Caruana Galizia, who was killed on 16 October 2017.

Cooperation is without a doubt the best protection. What is the point of killing a journalist if 10, 20 or 30 others are waiting to carry on their work? Whether you’re a dictator, the leader of a drug cartel or a corrupt businessman, exposure of your crimes is your biggest fear. Journalists are the enemy of the corrupt ecosystem that you have constructed. But what if this exposure becomes global, and the message amplified? Wherever you go, you will be questioned by the world’s press. Whatever you are trying to hide will be magnified.

And this is the mission of our new international platform, Forbidden stories: a network of journalists who are ready to take over whenever a journalist is imprisoned or assassinated. The idea is to ensure the survival of stories.

The 45 journalists who collaborated on the Daphne Project, including reporters from the Guardian, have one clear goal: to inform the public about corruption and money-laundering in Malta, within the European Union, drawing on evidence that Daphne Caruana Galizia courageously revealed over the course of 30 years.

Daphne Caruana Galizia’s murderers must know they failed. They took the life of a 53-year-old journalist and mother of three children. But whoever ordered her murder, wherever they may be today, has lost. In the coming days, the latest investigations that she was working on will be shared with millions of citizens around the world.

The Daphne Project is the first Forbidden Stories cross-border investigation – a venture I started to envisage three years ago, after a tragic event.

‘Censorship is depriving millions of people of information that is fundamental for their societies and their future'

On 7 January 2015, my office neighbours, the journalists and cartoonists of Charlie Hebdo, were massacred by terrorists from Yemen’s al-Qaida branch. The office of the press agency where I am working, Première Lignes, was just opposite Hebdo’s. By chance, I arrived at the office a few minutes after the assailants had left. As I reached the offices of Charlie Hebdo, I was faced with the horror of seeing colleagues lying suddenly silent, motionless, dead.

In 20 years of work I have covered several conflicts, including Iraq and Kashmir. I’ve investigated dictatorships. But this time it had happened in my close environment. Journalists killed for their drawings. This experience convinced me of the need for a “journalistic” response to crimes committed against the press. To defeat censorship through collaborative journalism.

In creating our platform, we have been inspired by similar initiatives. In 1976 the American journalist Don Bolles was killed when his car exploded in Phoenix, Arizona. In the days that followed, Investigative Reporters & Editors brought together 38 journalists from around the US to finish the investigation that the Arizona Republic journalist had started. In 2015, when the investigative journalist Khadija Ismayilova was locked up in Azerbaijan, a dozen colleagues from the Organised Crime Corruption Reporting Project also pursued her investigation into the corruption and tax evasion of the ruling family in Baku. Just as courageous were the journalists from the Brazilian nonprofit organisation, ABRAJI, who carried on the work started by the reporter Tim Lopez, who was burned alive in 2002 by drug traffickers in a favela in Rio de Janeiro.

In 2018, journalists continue to be murdered for their work on toxic waste trafficking, tax evasion, corruption and human rights violations. This censorship is depriving millions of citizens of information that is fundamental for their societies and the future of their countries.

It’s up to us journalists to ensure a “Streisand effect” for these investigations that have been suppressed. In 2002, when the singer, Barbara Streisand filed a complaint to remove images of her Malibu home from a website site about erosion of the Californian coast. Filing a complaint was a huge mistake. Not only did the Californian court rule in favour of the defendant, but the very process that Streisand had started attracted curious eyes. After her lawsuit, the site in question had been visited 400 000 times, whereas before she filed a complaint it had had only had six visits, two of them from her own lawyers. The Streisand effect is at the very core of Forbidden Stories: journalism to defend journalism. With this kind of solidarity, we can ensure that investigations survive.

• Laurent Richard is a journalist at Premières Lignes Télévision, and the founder of the Forbidden Stories platform

16 Apr 08:19

Jag deltog i 129 tävlingar i sociala medier. Var det värt det?

by Lo Suter

Dela! Tagga! Gilla! Med den nya föreslagna spellagen blir det enklare för företag att anordna tävlingar i sociala medier. Men hur lätt är det att vinna? Under två veckors tid deltog jag i alla tävlingar jag kunde hitta. 

Min redaktör föreslår att jag ska delta i alla tävlingar jag hittar i sociala medier och skriva om det.

– Jag vill att det ska vara hundraplus tävlingar, säger hon. 

Det låter ju som ett kul jobb. Jag säger ja.

Så här kan jag se ut när jag skriver motiveringar till obskyra tävlingar. Bild: Jacob Nyström  

Jag scrollar igenom mina flöden – det dyker inte upp några tävlingar. Jag ber kompisar och kollegor att tagga mig i alla de ser. Lite tips får jag men det räcker inte.

I den här takten kommer jag inte hitta några hundraplus tävlingar. Jag googlar ”tävlingar på internet” och hittar en portal där det läggs upp nya tävlingar varje dag. Yes. 

Första dagen deltar jag i ett tjugotal tävlingar. Jag tävlar om en brandbil i plast, Legofilmen, ett headset, en resa till Maldiverna, biljetter till Skansen och fyra förpackningar te.

Tävlingarna ställer olika krav: vissa kräver att man hittar på slogans, dikter och ramsor medan andra går ut på att man ska följa företagens konton i sociala medier, dela inlägg, tagga kompisar  eller typ infoga en ros-emoji i kommentarsfältet.

Enkelt.

Jag bakar en tårta

Jag vill ha en svårare utmaning och hittar en tävling som går ut på att man ska baka en tårta. Kravet är att man ska använda ett särskilt strössel och priset är ett presentkort på köksmaskiner på 3 000 kronor.

Jag har aldrig i mitt liv bakat en tårta så jag frågar min kollega Thomas om tips. 

– Du mosar banan och blandar med vispad grädde och kakao. Sen lägger du smeten på färdiga sockerkaksbottnar, säger han. 

Konkurrensen är hård: 600 personer deltar redan i tävlingen på Instagram. För att jag ska ha en vinstchans inser jag att tårtan måste pimpas. 

Jag och tårtan in the making. Bild: Jonatan Loxdal.

Ta-daa: 

Mönstret blev, helt omedvetet, till ett peacetecken! Är juryn pacifistiskt lagda måntro? Bild: Jonatan Loxdal.

När jag ser konkurrenternas tårtor blir jag först lite modfälld. Jag säger till Thomas att jag är rädd att tårtan inte kommer funka.

– Näe, den är ingen vinnare, men den är god, säger han.

Ser ni min tårta i flödet?! 

Tårtan gör dock inte succé i fikarummet, efter en vecka måste halva tårtan slängas. Själv kan jag inte uttala mig om smaken – jag är vegan. 

Thomas påstår att jag har förstört hans tårta. 

– Alltså tårtan ska bara bestå av den där geggan gjord på grädde, kakao och bananer. På den får man ha bananer, alternativt chokladströssel. INGET ANNAT.

”Varifrån kommer den plötsliga tävlingsmanin?”

Vanligtvis är jag ytterst sparsam med att dela saker i sociala medier. Jag interagerar och publicerar sällan saker men följer med stort intresse vad alla andra gör. En typisk sociala medier-stalker.

Min redaktör säger att jag kan skapa ett alias att tävla med om jag vill. Men jag skippar det eftersom jag misstänker att det kan minska mina vinstchanser. Jag delar alla tävlingar jag hittar på min tidslinje och taggar människor vildsint.

Folk börjar snart fråga vad jag håller på med.

Jag äter tacos med två vänner som känner till mitt tävlingsprojekt. De berättar att de träffade en gemensam kompis som var mycket frågvis kring mitt tävlande.

– Hon sa: ”varför tävlar Lo så jävla mycket?”. Hon trodde att du hade dåligt med pengar eller något. 

Mamma och vänner skriver

Bryter mot reglerna

Enligt Facebooks regler får företag inte ställa krav på att tävlingsdeltagare ska dela inlägg på sin tidslinje, eller tagga sina vänner. Ändå är det över 50 av tävlingarna jag deltar i som ställer just det kravet.

Jag mejlar Facebooks presstalesperson. 

– Den här regeln finns för att det annars skulle drabba andra användare negativt, då deras respektive nyhetsflöden och tidslinjer skulle svämma över av tävlingar, skriver Anton som inte vill uppge sitt efternamn utan tycker att jag ska referera till Facebook istället.

Min bror och en bekant skriver också

Anton säger att Facebook försöker göra det lättare att anmäla tävlingar som bryter mot reglerna.

– När något anmäls till Facebook granskar vi ärendet och tar bort allt som bryter mot våra gemenskapsregler.

Tävlingar som bryter mot lotterilagen 

Facebooks regler är ju en sak, men vad säger lotterilagen? Är de här tävlingarna ens lagliga?

I den här artikeln har jag (slarvigt) använt ”tävlingar” som ett paraplybegrepp som innefattar både tävlingar och lotterier. Det finns nämligen en skillnad mellan dem. 

  • Ett lotteri definieras av att slumpen avgör vem som vinner ett pris. Det kan till exempel gå ut på att du bara måste dela ett inlägg, tagga kompisar, infoga en emoji eller besvara en faktafråga. Företag får inte hålla i lotterier. Enbart ideella föreningar kan ansöka om att få hålla i lotterier.
  • En tävling innebär att deltagaren måste uppvisa en prestation för att vinna, där hen kan särskilja sig från andra. Det kan röra sig om att deltagarna ska hitta på en slogan, behöver skriva en dikt eller en motivering för varför just de ska vinna. Det är tillåtet för företag att hålla i tävlingar. 

Trots detta översvämmas mitt flöde alltså av lotterier. Under 2016 fick Lotteriinspektionen in 893 tips på illegala lotterier och förra året var siffran 422. 

 – Det är det vi får in absolut mest tips om, säger Josefin Aronsson på Lotteriinspektionen som bara fört statistik över detta i två år. 

– Det kan vara konkurrerande företag eller allmänheten som ringer. Det kan vara folk som tycker det är störande att det kommer upp lotterier i deras flöde.

Lågt prioriterat brott 

Om Lotteriinspektionen får in ett tips om att ett företag anordnar ett illegalt lotteri kan de ingripa – men det är ”en bedömningsfråga från fall till fall”, enligt Aronsson.

I ringa fall blir det sällan någon dom. Bryter ett företag mot lagen upprepade gånger är det mer troligt att Lotteriinspektionen hör av sig. Men det blir ofta skriftlig information om lotterilagen, sällan en polisanmälan. 

Men vad är det då för mening att folk hör av sig till er, om ni inte går vidare med fallen rent juridiskt?

Josefin Aronsson, handläggare inom arbetsgruppen illegalt spel på Lotteriinspektionen

– Att skriva och informera är mer effektivt. Om vi skulle polisanmäla dem istället så är risken ganska stor att polisen inte har tid att prioritera ärendet, och då skulle det ju inte hända någonting.

– Lotteriinspektionen har inte möjlighet att lägga alla sina resurser på Facebook, säger Aronsson.

Istället prioriteras den sortens illegalt spelande som har stor social och ekonomisk påverkan. Det kan röra sig om illegala spelautomater, pokerspel och pyramidspel där deltagarna riskerar att bli av med en insats. 

Regeringen vill legalisera fler lotterier

Den som är irriterad på lotterierna nu, kanske inte gillar att regeringens förslag om en förändrad spelmarknad med stor sannolikhet träder i kraft, 1 januari 2019.

Den nuvarande lotterilagen kommer i så fall ersättas av en ny spellag som innebär att det inte längre kommer krävas ett särskilt tillstånd för att få lotta ut priser. Det skulle alltså bli fritt fram för företag att göra det, även i sociala medier, så länge lotterierna inte kostar pengar.

 

Reglerna går tillbaka till 30-talet

Förklaringen till att företag inte tillåts ordna lotterier på sociala medier idag går faktiskt tillbaka till 30-talet. 

Företag förbjöds att hålla ”gratislotterier”. Man ansåg att även om det inte kostade något så krävdes en annan slags insats för att delta: deltagarens tid och energi.

Idag ansöker ideella organisationer om tillstånd för att hålla i lotterier av Lotteriinspektionen, men på 40-talet fick de vända sig till självaste kungen – då Gustav V.


Men finns det inte en risk att lotterierna fullkomligen exploderar på sociala medier då?

Jag försöker få tag i civilminister Ardalan Shekarabi (S) som har lagt fram lagförslaget. Hans pressekreterare Matilda Glas säger att de ska svara på mitt mejl. Inget svar kommer. 

Men så en dag ser jag Shekarabi och Glas på en etiopisk lunchrestaurang vid S:t Eriksplan. Jag ser min chans och går fram.

– Det här är en privat lunch, vi har inte tid att prata nu. Men mejla oss, säger Glas.

– Det var bra att du frågade i alla fall, säger Shekarabi som nog ser hur besviken jag blir.

Jag krigar vidare 

Jag fortsätter tävlandet. Bland annat fajtas jag om:

En flaska med 0,5 liter apelsinolja

För att kunna vinna en flaska måste man:  

  • Gilla företagets sida och inlägget.
  • Dela inlägget.
  • Tagga en vän.

Ni kanske undrar vad apelsinolja är för något?

Det gjorde jag med.

Jag googlar, tack Wikipedia:

”En eterisk olja, ett rengöringsmedel som ofta förekommer i till exempel simhallar. Oljan kan användas till det mesta från att rengöra räcken till att rensa avlopp”. 

Kyckling och matchande förkläde

När en matbutik lottar ut en ny sorts majskyckling och ett matchande förkläde är jag genast där och tävlar. Tillsammans med 91 andra Facebookanvändare.

En vegokompis markerar min tävlingskommentar med en arg emoji. Fan, nu kan jag säkert inte vinna längre. 

Blommiga strumpor i plast

Jag tävlar om ett par svartvita duschstrumpor. ”Perfekt för dig som jobbar som undersköterska/ vårdbiträde!”. 

De får en like och en delning.

Fler tycks tänka som jag. Över 1 800 personer deltar i tävlingen. 

Vem har mina uppgifter nu?

I slutet av min tävlingsperiod briserar Facebookskandalen med Cambridge Analytica. För den som missat vad det handlar om så anklagas analysföretaget för att ha samlat in personlig information om 50 miljoner Facebookanvändare. Datan ska ha använts för att skapa avancerade profiler av användarna som fick riktat pro-Trump-material skickat till sig under det amerikanska valet. 

Jag nojar jag lite: vad har jag egentligen lämnat ut för uppgifter om mig själv den senaste tiden? Vill jag ens veta? Och hur kommer tävlandet användas för att påverka mig?

Jag ringer upp Jonas Lejon, expert på IT-säkerhet för att få svar.

– All annonsering man gör på nätet vill man ju rikta in på den målgrupp som man är informerad om. Det är det man gjort med Cambridge Analytica, säger han.

Jonas Lejon

Från 2014 blev det svårare att få tillgång till information från folks profiler. Då började man med Open Graph, vilket innebar att användarna själva fick bestämma vad som skulle vara offentligt och vad som skulle vara privat av innehållet på deras profiler. Frågan är dock hur upplysta Facebookanvändarna är om detta. 

– Majoriteten av användarna vet kanske inte vad de delar med sig av. Man måste hjälpa dem att göra rätt val, säger Lejon.

 

Vilken disneyprinsessa är du? 

Quiz har också blivit uppmärksammat som ett sätt för företag att få tillgång till information om individer. Det kan ske genom att man tvingas godkänna att företaget ska få tillgång till din profil när du tar reda på jätteviktiga saker som ”vilken Disneyprinsessa är du?” eller ”vad gjorde du i ditt förra liv?”. 

Kanske har du nån gång gjort något av de där quizen på Facebook, typ "Vilken är din RIKTIGA ålder?" eller "Vem är du i…

Publicerat av KIT den 10 maj 2017


Och det är fler än jag som har drabbats när jag delat grejer på Facebook.

– När du lämnar ifrån dig information på Facebook, lämnar du även ifrån dig information om dina vänner. Delar man med sig av information till ett företag så delar man också med sig av den informationen till deras samarbetspartners, säger Lejon.

Vilka är då de värsta uppgifterna att dela med sig av vid tävlingar, lotterier och quiz?

– De som identifierar dig som person. Typ personnummer, adress och registreringsnummer till bilen.

Med andra ord: exakt de uppgifter som jag på sistone har lämnat ut otaliga gånger. Kul. 

 

Medborgares rättigheter stärks med GDPR

Den 25 maj i år införs GDPR – en EU-lag som syftar till att stärka integriteten för individer på internet. Bland annat anger den att alla företag som samlar in information måste inhämta samtycke avseende vad de delar med sig av. 

Den innebär också att när man inte använder tjänster så kan man begära att informationen ska bli raderad. Det kommer även gälla till exempel Facebook då de gör affärer i Europa. 

Så nu gäller det för företag att ställa om, och snabbt få grepp om hur de får – och inte får – hantera personuppgifter. Bryter man mot lagen kan det bli minst sagt svindyrt, eller vad sägs om 20 miljoner Euro?


Men nu till det viktiga, hur går det med mitt tävlande?

Det tar någon vecka men sen trillar första vinsten in. Yes!

Duschtvål och dagkräm.

För män.

Bild: Lo Suter

För att delta i den här tävlingen skulle man motivera varför man ville vinna. Jag skrev så här:

Tandblekningskit 

Jag vinner även ett kit för att bleka tänderna. 

En av mina framtänder är gjord av plast. Den riktiga tanden slogs ut när jag var liten och föll omkull efter att ha försökt kana ner för ett istäckt berg.

Därför kan jag inte använda tandblekningen. Jag vill inte ha tänder i olika färg. Men jag vann!

Zara-Larsson biljetter

Zara Larsson berättar på Instagram att hon lottar ut biljetter till sin spelning på Berns. Det är en privat spelning där endast personer som vunnit biljetter via sociala medier får komma samt vänner och familj.

Man måste ladda upp en instabild med Zara Larsson-filter för att delta. Så det gjorde jag. 

Jag på ett Zara Larsson-filter. 

Och jag vinner!

Men trenden att jag inte får användning för mina vinster håller tyvärr i sig. Jag har redan en grej bokad den kvällen så jag ger bort biljetterna till en kollega. Här är ett foto från spelningen:

Zara Larsson på Berns. Bild: Erica Lascelles 

Jag lovar att sluta spamma er nu

Jag vann alltså 3 tävlingar av 129. Det tog mig ungefär tio timmar att delta i tävlingarna. Jag är ingen matematiker men priserna jag vann hade ett värde på cirka 1500 kronor. Jag tjänar alltså 116 kronor i timmen på att tävla. 

Det är lite oklart om mitt tävlingsresultat är bra eller dåligt. Jag vet heller inte hur stor påverkan jag själv haft på resultatet. Hur gör man egentligen för att bli bra på att tävla på sociala medier? Fortfarande ett mysterium. 

Men jag har fått ta mig en funderare: har jag verkligen tillämpat ”sund eftertanke” som säkerhetsexperten rekommenderade mig?

Nej, det kan man nog inte påstå. 

När jag tävlat har jag många gånger lämnat ut just de uppgifter som Jonas Lejon angav som de allra känsligaste: fullständigt namn, personnummer och adress.

Vad som kommer hända med mina uppgifter nu vet jag inte. Men jag ska i alla fall sluta med sociala medier-tävlingar nu.

Innan alla blockar mig.

13 Apr 09:02

Hungarian journalists admit role in forging anti-migrant 'atmosphere of fear'

A leading editor at Hungary’s state television network punched the air in jubilation as he took a phone call on Sunday evening. Shortly afterwards, his subordinates realised what he had been told: Viktor Orbán had secured a resounding victory in the parliamentary election.

Orbán and his Fidesz party achieved a third consecutive supermajority in the Hungarian parliament after a campaign primarily fought on an anti-migrant platform. International monitors would later complain about the campaign’s “intimidating and xenophobic rhetoric” and note that public television “clearly favoured the ruling coalition, at odds with international standards”.

The Guardian spoke to several employees of the taxpayer-funded MTVA network to hear the inside story of how its channels pumped out government messaging, and at times false stories, with the goal of winning support for the prime minister’s anti-immigration message.

The journalists recalled how the network would focus on negative stories about refugees and migrants, linking them to crime and terrorism. Even on the eve of polling, there was no letup, as the M1 channel incorrectly reported a van driving into a crowd of people in Münster, Germany, as an Islamist terrorist attack.

“I’d never experienced anything like that, even at MTVA: it was a clear lie,” said one of the journalists, who spoke on condition of anonymity.

The government message that millions of dangerous migrants are waiting to enter Hungary is reinforced on TV and thousands of billboards across the country.

The Hungarian-born financier and philanthropist George Soros, who has put billions of dollars into promoting civil society in central and eastern Europe, is portrayed as being part of a plot with Brussels and the political opposition to destroy Hungary by letting in foreigners.

“I think it created an atmosphere of fear. Pavlov reflexes have been created for words like danger, terrorism, migrants, opposition, Soros and Brussels,” the journalist said. News programmes regularly show archive footage from 2015 of migrants walking in Budapest, clashes between refugees and riot police at the Hungary-Serbia border, or terrorist attacks in Europe.

“Tolerance is regularly criticised, while anti-immigration sentiment is presented as the only valid opinion,” the journalist said.

The journalists believe the anti-migrant messages often come directly from the government. People who work on stories directly involving Orbán receive a list of keywords to use. “Sometimes the editor will come into the office on the phone and dictate a whole story to us, word for word. We do not know who is on the other end of the phone,” said one.

Documents sent in error to junior MTVA staff and seen by the Guardian appear to confirm direct governmental involvement. Editorial directives produced by staff at the prime minister’s office are cut and pasted to give journalists talking points with which to carry out character assassinations of Hungarian citizens who are openly critical of the government.

One directive produced by the office last year targeted the activist Márton Gulyás, as well as a former Green party MP and a university professor. Another document focused on Soros.

An evening of debate organised by Gulyás entitled “resistance, disobedience – without violence” is spun as proof that Gulyás was preparing for unrest and clashes with police.

“It was completely ridiculous,” Gulyás said, recalling the subsequent coverage. “We had these plans to protest against the government, but our intentions were of course completely non-violent. But pro-Fidesz outlets were constantly accusing us of creating violence and scandals.”

When asked about the government directives, a spokesperson for Orbán said the government does not answer media queries as it has no control over the media. MTVA did not respond to a request for comment. The state-run media conglomerate has an annual budget of about 80bn forint (£223m).

Over the past eight years, the government has moved to consolidate its hold over Hungarian print, TV and radio networks, with many media resources being bought by government-linked figures.

Origo.hu, a popular news website, is one of many resources that changed hands, moving from a subsidiary of Deutsche Telekom to ownership by the son of the governor of Hungary’s central bank.

András Pethö, who was the deputy editor but left in 2014 to co-found a new wesbite, direkt36.hu, said: “It was a really good place to do journalism, but then they started putting pressure on us to ignore certain stories. We didn’t comply, and my editor was forced out.

“I looked at Origo in the weeks before the election, and every second story had the word migrant in the headline.”

Meanwhile, the government-friendly media largely ignores corruption scandals that broke in the run-up to the election involving leading Fidesz figures.

Orbán has four more years to rule, with a two-thirds majority in parliament that allows him to change the constitution, and there are fears that the government may move against the remaining islands of critical media. The final edition of the daily, Magyar Nemzet, one of the few outlets to run critical stories before the election, was on Wednesday. The newspaper’s owner, a businessman who fell out with Orbán, decided to stop funding it.

In the aftermath of the vote, TV2, a television channel owned by a government-friendly businessman, ran a report naming 24 alleged Soros agents, including Gulyás, independent journalists and NGO leaders. On Wednesday, the pro-government weekly Figyelő also ran a list of supposed Soros agents.

The journalists said they had decided to speak out “from a sense of decency and truth”, and said some state TV employees were thinking of resigning after the election result.

“I felt terrible, because I could see that we can and did influence people,” said one. “Some of us had reassured ourselves that nobody watches us, that we don’t matter. It turns out that we do – awfully.”

13 Apr 08:31

Yo neurotiska reklamen, sluta va så neurotisk

by fthunholm

Jag har arbetat med reklam i 20 år. Jag har alltså arbetat som säljare i 20 år. Ingen har så dåligt självförtroende som reklamen. Ingen har så gott självförtroende som reklamen. Jag står på en tunnelbaneperrong någonstans i Stockholm och Guldägget gör reklam för sin tävling, på stortavlorna över spåret, genom att visa bilder och fråga om det är reklam eller konst. Det är mer än gott självförtroende, det är hybris. Vi är säljare som skäms för att sälja. Så vi rationaliserar och vi tar i så vi skiter ner oss. Vi jämför oss helt fräckt med Leonardo da Vinci och Christer Strömholm.

”Detta är konst”, säger vi. ”Och detta är reklam.” Som vore det besläktat på något sätt, bara för att båda använder bilder. Som fanns där ett slags själslig connection. Mest deprimerande är den bakomliggande analysen, så banal som den framstår: Om människor inte gillar reklam så låt oss visa hur fin den kan vara. Då blir ju vi som konst, va?

Reklam och konst är som toppig giftspindling och trattkantarell. Till det yttre kan de vara så lika att det är svårt att skilja dem åt. Men en av dem förstör dina njurar och den andra är supermumsig på en toast.

Estetiken kan vara densamma. Etiken kan det inte. Det är så att säga grundpremissen.

Så här dåligt självförtroende har reklamen: Förra sommaren gjorde Sveriges Annonsörer en reklamkampanj med budskapet ”Reklam inte bara störande”. Där ber reklamen om ursäkt för att den finns samt säger att ”den betalar för teveprogrammen du ser, så att du slipper”.

Tänk om man skulle göra reklam för något annat än reklamen, med den approachen. ”Produkt X – inte bara värdelös.” ”Visst hatar många Y, men inte bara.”

Reklamen säger samtidigt ”detta är (nästan) konst” och ”vi är inte bara sämst”. Jag är säljare och det är okej. Men reklamen är snarare neurotiker än säljare. Den ber om sympati men skulle behöva terapi. Den skulle behöva sluta jämföra sig med annat, sluta vara så jävla ängslig och bekräftelsetörstande. Sluta upp med att hela tiden känna att den behöver motivera sin existens. Tror en säljare att hen är konstnär? Troligtvis inte. Säljaren skiter i konsten. Gör raketen, dansar med en näve i luften och klingar i en klocka så det skallrar i kontorslandskapet.

Se och lär, Guldägget och Sveriges annonsörer.

Disclaimer: Min favoritreklam, alla kategorier, är Four Days in LA, Versaces kampanj för höstkollektionen år 2000. Den består av bilder tagna av fotografen Steven Meisel och motiven är rika, olyckliga människor. Den är nästan chockerande, för den är så osympatisk och sorglig. Som en medveten parodi på det exkluderande i lyx. Det är också ett av mina favoritkonstverk. Bilderna har ställts ut på gallerier, utan Versaceloggan. Men det blir bättre konst med loggan. Kampanjen är så att säga undantaget som bekräftar regeln.

12 Apr 07:25

Faktiskt och faktiskt inte

by Hexmaster
Faktiskt.se
planerad svensk webbsajt för faktagranskning av nyheter. Sajten öppnas i april 2018 och är ett samarbete mellan bland andra Sveriges Television, Sveriges Radio Ekot, Svenska Dagbladet, Dagens Nyheter och Mittmedia. Faktiskt.se ska inte ha en gemensam redaktion, utan de deltagande redaktionerna ska faktagranska var för sig.
- IDG: Faktiskt.se

Redan innan sajten öppnat lades en fejkad kopia ut. Samma namn men en annan toppdomän, snarlik logga – allt för att folk ska ta fel. Jag gjorde det själv, innan jag blev upplyst om att sajten hänvisar till källor som Michael Zazzio (jfr bloggposten om kolloidala silver-duon, Storkvackarna Sultan och Zazzio) och InfoWars, att den ju var lite väl ryssvänlig, med mera.

Hur tar man reda på om en sida är "äkta"? Eller åtminstone vilka som ligger bakom dem?


När det gäller ogenerade varumärkesstölder så skyltar skojarna naturligtvis inte med sina uppgifter på den annars obligatoriska Om-sidan. En enkel metod som fungerade här var att göra en s.k. whois-slagning på eurid.eu. Den sajten håller reda på alla .eu-domäner, vilka som registrerat dem, när osv.

Huruvida Faktiskt.se kommer att leverera när den väl öppnar är naturligtvis en helt annan sak.
12 Apr 07:23

Why Bitcoin is bullshit, explained by an expert

by Sean Illing
A visual representation of the digital Cryptocurrency, Bitcoin on December 07, 2017 in London, England. Cryptocurrencies including Bitcoin, Ethereum, and Lightcoin have seen unprecedented growth in 2017, despite remaining extremely volatile.

It turns out cryptocurrencies and blockchains have a few problems.

Cryptocurrencies like Bitcoin are constantly in the news, as is the blockchain technology behind them.

If, like me, you don’t really understand these things, it’s hard to know what to make of all this. Is Bitcoin, and other cryptocurrencies, the future or will this experiment gradually fade away like a historical footnote? Are cryptocurrencies actually decentralized or are they controlled by small groups of people? Are they fraud-proof or can they be manipulated by insiders?

To get some answers, I reached out to Nicholas Weaver, a researcher at the International Computer Science Institute at UC Berkeley. Weaver teaches a course on blockchains and seems to think the technology is, at best, misguided and, at worst, a fraud. So I asked him to lay out his case in the simplest possible terms.

A lightly edited transcript of our conversation follows.

Sean Illing

I don’t really understand Bitcoin or blockchains, and my sense is that I’m not alone. So let’s start with a basic question: What is a blockchain?

Nicholas Weaver

It depends on what you mean. There are private blockchains, which is a 20-year-old technology that somehow causes idiots to throw money at it, and then you have public blockchains, which is supposed to be a decentralized record-keeping structure but, in reality, is both centralized and horribly inefficient. The use of private blockchains is pretty varied because there’s nothing new and it’s an old idea. The use of public blockchains is basically limited to cryptocurrencies.

Sean Illing

You say that cryptocurrencies like Bitcoin aren’t decentralized, and yet people are enamored with these currencies precisely because they believe they’re decentralized. What are they missing?

Nicholas Weaver

None of the cryptocurrencies are truly decentralized. They’re actually centrally controlled by the miners, who can basically rewrite history at will.

Sean Illing

I’m not sure we can understand who the miners are unless we understand how Bitcoin works. Can you walk me through this?

Nicholas Weaver

Imagine we have a public square that has written down everyone’s bank balance, and if I want to send you some money, I basically write a check to you and post it in the town square. The miners gather up all these unconfirmed checks and carve them into stone tablets that then go into the public square.

So if I sent you a check and you want to see that it’s good, you just look on the stone tablets and confirm that it’s good. Think of the miners as the record-keepers who manage all of this. They validate the checks, create them into a bundle (called a block), and then they get paid for their role in the process. These miners are the de facto central authority in cryptocurrency exchanges.

Sean Illing

There are plenty of people who see cryptocurrencies, however flawed, as a step in the right direction because they at least take power away from governing authorities and give individuals more freedom. But you seem to think this is bullshit. Why?

Nicholas Weaver

Well, there are multiple arguments. These systems require an obscene amount of energy to function. And the blockchains are not decentralized and they’re not efficient, so that undercuts the two main points in their favor. But the cryptocurrencies don’t work either, because they don’t actually work as currencies.

Sean Illing

What do you mean they don’t work as currencies?

Nicholas Weaver

The rationale for these things is that there’s no central authority, which means no one can block or undo a transaction. And so far at least, it’s true that transactions aren’t blocked. But why do you need such a system? Because you’re doing a transaction that a central authority would otherwise block, like paying off a hitman or buying drugs.

If that’s what you need money for, the cryptocurrencies are the only game in town. But if you don’t need to buy drugs or hitmen, the cryptocurrencies are vastly less efficient. I mean, look at the volatility of Bitcoin and other digital currencies — they’re all over the place. So if you go to one of the few legitimate merchants that take Bitcoins, they aren’t actually taking Bitcoins. They’re using a service that allows them to price in dollars, and that service immediately sells the Bitcoins and deposits the dollars with the merchants. So there’s a mandatory conversion step.

If I want to buy something with Bitcoin, I don’t like that the price is bouncing up and down either. So I have to turn my dollars into Bitcoins and then do the transaction, and that is a remarkably costly process. That, in my opinion, is not a system that works.

Sean Illing

It appears that Bitcoin’s main accomplishment is that it allows people to buy things clandestinely, only in an absurdly inefficient way.

Nicholas Weaver

Correct. But if you want to buy something you don’t want people to know about, you can just use a pre-paid credit card. There’s still no need for Bitcoin.

Sean Illing

You also say that all cryptocurrencies are plagued by frauds that were banned in the 1930s. Can you explain?

Nicholas Weaver

Cryptocurrency exchanges are not like regular stock exchanges. In a stock market exchange, stocks are all tied to together so the prices are very close. These Bitcoin exchanges are unregulated entities that allow all sorts of things that are outright frauds. For example, in a regular stock exchange, you’re not allowed to trade with yourself because that’s price manipulation. But that’s a regular occurrence on these cryptocurrency exchanges.

Some of these cryptocurrency exchanges are accused of front-running as well, which means the people who run them are using their access to see what customers want to trade and then trading ahead of them to get an advantage. There are also plausible claims about insider trading in various cryptocurrency exchanges. I could go on, but you get the point.

Sean Illing

Do you see a cryptocurrency emerging in the future that is more viable than what we’ve seen so far?

Nicholas Weaver

Well, in order to make a cryptocurrency work, you need stability. The value has to hold. So what you need is an entity that will take, say, dollars, and give you cryptodollars one-for-one and vice versa. But we know what these institutions are; they’re called banks and they use banknotes. And if you build a cryptocurrency that way, you’ve got one of three choices.

One, you act like a regulated financial entity like PayPal or Venmo and don’t allow the criminality. So where’s the novelty there? Two, you become like a wildcat bank from the 1800s and issue banknotes that aren’t backed, but then you run the risk of a bank run and your value going to zero. So what’s the point? Or you have a cryptocurrency that actually is banked by money, and doesn’t allow criminal activity, but that’s been tried before; it was called Liberty Reserve, and it was shut down for money laundering in 2013 by the US government.

Sean Illing

Is yours a minority opinion in the world of cryptocurrency?

Nicholas Weaver

Yes, because there’s a self-selecting bias. Most people who think this is bogus simply walk away. Those who are believers are believers. Very few people have followed it like I have for five years and still find it ridiculous, but that’s because I’m an academic and I have the space to do it and I find parts of it, especially the criminality, interesting. But the arguments in defense of this stuff are getting loonier and loonier.

12 Apr 07:05

Vladimir Putin’s “quasi-mystical beliefs” and the rebound of authoritarianism

by Jason Kottke

You might remember Yale historian Timothy Snyder from his 20 lessons on fighting authoritarianism (which he turned into a short bestselling book, On Tyranny). Snyder has a new book out called The Road to Unfreedom that covers the rebound of authoritarianism first in Russia and then in Europe and America.

According to this review from The Economist, the book goes into some detail about the ideological beliefs of Vladimir Putin in his quest to undermine Western democracy. A favorite thinker of Putin’s, a Revolution-era philosopher named Ivan Ilyin, advocated for a Russian monarchy while another, Lev Gumilev, believed that nations draw their power from cosmic rays?

Also present in Mr Putin’s thinking is an even more extreme anti-liberal ideology: that of Lev Gumilev, who thought that nations draw their collective drive, or passionarnost (an invented word), from cosmic rays. In this bizarre understanding of the world, the West’s will to exist is almost exhausted, whereas Russia still has the energy and vocation to form a mighty Slavic-Turkic state, spanning Eurasia.

The result, according to Snyder:

What these ways of thinking have in common, Mr Snyder argues, is a quasi-mystical belief in the destiny of nations and rulers, which sets aside the need to observe laws or procedures, or grapple with physical realities. The spiritual imperative transcends everything, rendering politics, and the pursuit of truth in the ordinary sense, superfluous or even dangerous.

You can see where the election of Donald Trump — with his own “quasi-mystical belief in the destiny” of himself and without “the need to observe laws or procedures” — is a welcome ally/patsy for Putin.

See also Putin’s playbook for discrediting America and destabilizing the West: “Just wanna make sure you all know there is a Russian handbook from 1997 on ‘taking over the world’ and Putin is literally crossing shit off.”

Tags: books   Donald Trump   politics   Russia   The Road to Unfreedom   Timothy Snyder   Vladimir Putin
12 Apr 06:34

Your Pretty Face is Going to Sell

by Joe Veix

On YouTube, there’s a long tail of content that pretty much guarantees the inclusion of every potential human interest. There are skate videos, makeup tutorials, and backyard surgical removals of blackheads. And yet the presentation of a lot of this content — especially when it’s trying to attract a large audience — is remarkably similar. Everywhere you look, there’s YouTube Face.

The Face is hard to miss once you first spot it: an exaggerated expression, an overreaction to a given video’s subject, typically conveying heightened states like disgust, anger, or ecstasy. The assault of a bad smell; a bite of something intensely sour; a faked orgasm; an elbow to the guts.

YouTube Face is most prominent in the preview images for videos. It surrounds whatever video you’re watching in a big grid of emotion. Here’s one, attached to an instructional video for driving stick shift:

And another, for an irate video game nerd:

And another, for a roundup of bad albums:

And yet another, a collection of PG-rated body horror:

Taken cumulatively, there’s a surreal, Lynchian quality to the images. Few things could ever be exciting enough to elicit these kinds of reactions, and no one could possibly be this expressive. So what’s wrong with these people? Were their brains tenderized?

No, worse. YouTube Face is clickbait, attaining human form.

 •

Like nearly everything on the contemporary web, YTF is the result of a series of matryoshka-ish financial incentives. The basic economic goal of YouTube, a subsidiary of the holding company Alphabet, Inc. — formerly Google, Inc. — is to get users to stare at videos for as many waking hours 1 as possible, so that they can be served ads tailored to their supposed interests.

To minimize overhead costs and ensure that an enormous amount of videos are uploaded, the burden to create content is placed upon the YouTube community. As encouragement, the company offers a small percentage of its ad revenue 2 back to eligible users, based upon the number of views their videos get. More views, more money.

Naturally, tropes begin to form. As certain channels gain popularity, others bite their style and techniques, trying to replicate their success. Vloggers begin to incorporate bright colors; large Impact font captions; talk in the same exact weird cadence — “Hey guys! BlackheadDigger420 here, sorry I haven’t posted in a while…” — aka YouTube Voice.

As the video market saturates, various techniques lose their power, and the attention arms race escalates. Video creators seek increasingly extreme tactics, in form as well as content. YouTube stars fake murdering their friends for a prank, for example, or filming dead bodies for shock value. 3

At some point, a user discovered that a catchy preview image tended to trigger potential viewers’ curiosity enough that they clicked through more frequently. Most likely this notion was inspired by other forms of clickbait (in style, it seems to be a mix of ~2012 Facebook newsfeed viral garbage with generic chumbox aesthetics). Then another user discovered that including a facial reaction tended to boost views further (perhaps manipulating some kind of primal feeling of empathy or morbid curiosity in the pain of others?). Over time, view count metrics gradually pushed these facial reactions into more exaggerated expressions, making everyone look like extras in a Soundgarden music video.

The aesthetic seems to have been largely popularized by the “reaction video” genre. There’s The Fine Bros, who make videos of old people reacting to new things, and young people reacting to old things. Their ~1,500 videos have received over six billion views.

There’s also The Try Guys over on BuzzFeed Video. They are guys who try things, and then react to them. Their videos have received over one billion views.

Other popular channels outside of the reaction genre also use the aesthetic. Pewdiepie, for one:

And theneedledrop:

Perhaps strangest of all, reaction videos have spawned an odd meta-genre: people reacting to reactions:

And people reacting to reactions of reactions:

Getting attention on social media platforms requires creating content designed to perform well within their ecosystems. Everything must contort to please the almighty Algorithmic Gods. It requires some guesswork, as these algorithms exist at such an ever-increasing scale and complexity that even their creators don’t — can’tunderstand them. The Algorithm Gods work in mysterious ways.

This has odd and often unexpected effects on the physical world. Restaurants attempt to create Instagram-friendly environments with nauseatingly kitschy interior designs. Hamburger buns are glazed to make them more aesthetically appealing. Extremist political campaigns are won partially on the strength of their shitposting. Perhaps the emergence of YTF hints at one of the many ways these algorithmic forces might begin to shape our physical appearances.

We’re also witnessing tactics common to the advertising industry, especially those of late-night infomercials, being utilized autonomously by individuals. People simulate the behavior of corporate brands, while corporate brands simulate people 4, hiring teams of flacks to help make something like, I don’t know, fracking seem “authentic” and “cool.”

So begins the Great Brand Singularity. Corporations, humans, and machines merging in a banal orgy of commerce. The tech is currently primitive, but it’s easy to imagine scrolling through some future feed and seeing the faces of long-deceased relatives digitally grafted onto advertisements for #FappuccinoHappyHour; close friends suddenly revealed to be replicants working for foam mattress startups; augmented reality Pillsbury Doughboys stalking us on late night walks home, their soft footsteps squishing confidently along.

Given the general trajectory of things, it seems unlikely that humanity will be exterminated by a vengeful AI, as some tech luminaries predict. No — we’ll all just be rendered into one giant sentient ad for subscription cosmetic boxes.

Yikes! But what do you guys think? Let me know in the comments below, and please take a sec to like and share my article 🙂

11 Apr 06:34

Today Zuckerberg made it clear he doesn’t care about users

After four hours of questioning, it was California Senator Kamala Harris’s turn to question Mark Zuckerberg. She immediately honed in on whether Facebook users are considered a priority in the company. Specifically, she asked about internal Facebook conversations in 2015, back when the company first learned that Cambridge Analytica had violated its terms of service to access user information. Why didn’t Facebook choose to notify users who had been affected?, she asked. “I wasn’t in a lot of meetings on the subject,” Zuckerberg said.

When Harris pressed further and asked whether there was a meeting in general, Zuckerberg couldn’t speak to it. He only spoke of the “conversation in company at the time,” and the ultimate outcome, which was to ban Cambridge Analytica from the platform.

Facebook's decision not inform users, as Zuckerberg tells it, may have happened only through neglect. Zuckerberg admitted moments later that Facebook leaders did have a meeting about the matter, but couldn’t speak to when the meeting was, who was in it, or exactly how this decision was made. He claimed he didn’t know.

The exchange could support the notion that Zuckerberg doesn’t stay involved in the decisions he purports to care the most about — ones involving users and the community — within the company that he founded and runs. The exchange may be a more accurate reflection of Zuckerberg’s priorities in a time of crisis: dealing with developers and the business side. The platform is built to collect and distribute user information useful to advertisers as efficiently as possible—a model which expressly concerns business over the safety and experience of Facebook users.

Zuckerberg’s rhetoric during questioning was steadfast in continuing to characterize Facebook as a platform for the people. After all, did you know he started the company in his dorm room? It wants to bring people closer together and foster a sense of “community.” But Facebook only began the comprehensive “audit” of Cambridge Analytica two weeks ago, as reports came out from The New York Times and the Guardian. Only this week have users begun to find out whether their information was used by the data analytics firm.

Multiple people have postulated that Zuck was in fact not the most qualified person to speak before Congress, or speak on live TV about Cambridge Analytica—a sentiment that Zuckerberg would definitely like people to believe. As Congress and Zuckerberg discuss taking steps to potentially regulate Facebook users’ right to privacy and ownership of their own data, Zuckerberg has stated again and again that he plans to cooperate and that he is not opposed to “smart” regulation. But at the end of the day, Zuckerberg’s response to Senator Harris reinforces the idea that within Facebook, users simply aren’t a priority over the company’s own practices of damage control.

11 Apr 06:28

Don’t Give Away Historic Details About Yourself

by BrianKrebs

Social media sites are littered with seemingly innocuous little quizzes, games and surveys urging people to reminisce about specific topics, such as “What was your first job,” or “What was your first car?” The problem with participating in these informal surveys is that in doing so you may be inadvertently giving away the answers to “secret questions” that can be used to unlock access to a host of your online identities and accounts.

I’m willing to bet that a good percentage of regular readers here would never respond — honestly or otherwise — to such questionnaires (except perhaps to chide others for responding). But I thought it was worth mentioning because certain social networks — particularly Facebook — seem positively overrun with these data-harvesting schemes. What’s more, I’m constantly asking friends and family members to stop participating in these quizzes and to stop urging their contacts to do the same.

On the surface, these simple questions may be little more than an attempt at online engagement by otherwise well-meaning companies and individuals. Nevertheless, your answers to these questions may live in perpetuity online, giving identity thieves and scammers ample ammunition to start gaining backdoor access to your various online accounts.

Consider, for example, the following quiz posted to Facebook by San Benito Tire Pros, a tire and auto repair shop in California. It asks Facebook users, “What car did you learn to drive stick shift on?”

I hope this is painfully obvious, but for many people the answer will be the same as to the question, “What was the make and model of your first car?”, which is one of several “secret questions” most commonly used by banks and other companies to let customers reset their passwords or gain access to the account without knowing the password.

This simple one-question quiz has been shared more than 250 times on Facebook since it was posted a week ago. Thousands of Facebook users responded in earnest, and in so doing linked their profile to the answer.

Probably the most well-known and common secret question, “what was the name of your first pet,” comes up in a number of Facebook quizzes that, incredibly, thousands of people answer willingly and (apparently) truthfully. When I saw this one I was reminded of this hilarious 2007 Daily Show interview wherein Jon Stewart has Microsoft co-founder Bill Gates on and tries to slyly ask him the name of his first pet.

Almost 5,000 Facebook users answered this common password reset secret question.

Womenworking.com asked a variation on this same question of their huge Facebook following and received an impressive number of responses:

Here’s a great one from springchicken.co.uk, an e-commerce site in the United Kingdom. It asks users to publicly state the answer to yet another common secret question: “What street did you grow up on?”

More than 500 Facebook users have shared this quiz with their network, and hundreds more shared the answer using their real names and links to their profiles.

This question, from the Facebook account of Rving.how — a site for owners of recreational vehicles — asks: “What was your first job?” How the answer to this question might possibly relate to RV camping is beyond me, but that didn’t stop people from responding.

The question, “What was your high school mascot” is another common secret question, and yet you can find this one floating around lots of Facebook profiles:

Among the most common secret questions is, “Where did you meet your spouse or partner?” Loads of people like to share this information online as well, it seems:

This common secret question has been shared on Facebook almost 10,000 times and has garnered more than 2,300 responses.

Here’s another gem from the Womenworking Facebook page. Who hasn’t had to use the next secret question at some point? Answering this truthfully — in a Facebook quiz or on your profile somewhere — is a bad idea.

Incredibly, 6,800 Facebook users answered this question.

Do you remember your first grade teacher’s name? Don’t worry, if you forget it after answering this question, Facebook will remember it for you:

I’ve never seen a “what was the first concert you ever saw” secret question, but it is unique as secret questions go and I wouldn’t be surprised if some companies use this one. “What is your favorite band?” is definitely a common secret question, however:

Giving away information about yourself, your likes and preferences, etc., can lead to all kinds of unexpected consequences. This practice may even help turn the tide of elections. Just take the ongoing scandal involving Cambridge Analytica, which reportedly collected data on more than 50 million Facebook users without their consent and then used this information to build behavioral models to target potential voters in various political campaigns.

I hope readers don’t interpret this story as KrebsOnSecurity endorsing secret questions as a valid form of authentication. In fact, I have railed against this practice for years, precisely because the answers often are so easily found using online services and social media profiles.

But if you must patronize a company or service that forces you to select secret questions, I think it’s a really good idea not to answer them truthfully. Just make sure you have a method for remembering your phony answer, in case you forget the lie somewhere down the road.

Many thanks to RonM for assistance with this post.

11 Apr 06:25

Under questioning, Zuckerberg doesn’t help digital advertising’s creepy reputation

by Tim Peterson

Mark Zuckerberg did little to help defuse digital advertising’s “creepy because it’s complicated” reputation during a congressional hearing on April 10 in the wake of Facebook’s Cambridge Analytica scandal. He may have even inflamed it.

Under questioning by Roger Wicker, a Republican senator from Mississippi, Zuckerberg revealed that not even Facebook’s CEO has a firm grasp on what information Facebook collects on people to target them with ads.

Wicker: “There have been reports that Facebook can track the user’s internet browsing activity even after that user has logged off of the Facebook platform. Can you confirm whether or not this is true?”

Zuckerberg: “Senator, I want to make sure I get this accurate. So it’d probably be better to have my team follow up afterwards.”

Wicker: “You don’t know?”

Zuckerberg: “I know that people use cookies on the internet and that you can probably correlate activity between sessions. We do that for a number of reasons, including security and including measuring ads to make sure the ad experiences are most effective, which of course people can opt out of. But I want to make sure that I’m precise in my answer, so let me follow up with you.”

Here is a more precise answer: Yes, Facebook can track people’s internet browsing activity even after they have logged off of Facebook.

Facebook even updated its Cookies Policy last week to clarify that the company is able to collect “information about your use of other websites and apps, whether or not you are registered or logged in,” according to the revised policy that was published on April 4.

The previous version of Facebook’s Cookies Policy was less clear. That version specified that Facebook could still collect information about people using its own website and apps whether they or not they are registered users or logged in to Facebook but did not specify if that was the case for non-Facebook sites and apps.

We use cookies if you have a Facebook account, use the Facebook Services, including our website and apps (whether or not you are registered or logged in), or visit other websites and apps that use the Facebook Services (including the Like button or our advertising tools).

Zuckerberg’s apparent uncertainty about how Facebook tracks people outside of its walled garden to target them with ads compounds the issue facing digital advertising in the wake of the Cambridge Analytica scandal. The more light that is shone on the tracking and targeting that goes on, the more aware people become of the shadows.

Early into Tuesday’s hearing, Iowa Senator Chuck Grassley asked Zuckerberg if Facebook has been able to identify companies that have improperly accessed Facebook user data other than Cambridge Analytica and CubeYou, which were both brought to Facebook’s attention by news outlets. Zuckerberg had to equivocate. He reiterated that Facebook is investigating who else may have improperly access data about Facebook’s users but did not include an important caveat that he has admitted elsewhere: Facebook may not succeed in completely containing that data.

Facebook’s questionable competence as steward of its data has raised another question that’s consequential not just Facebook but all of digital advertising: do Facebook and its ilk need to be regulated in the U.S. as they will soon be in Europe when the General Data Protection Regulation takes effect in late May?

Last week Zuckerberg said that Facebook would adopt policies and controls in countries outside of Europe that would be similar to those required under GDPR, and he repeated that commitment on Tuesday.

Coinciding with Tuesday’s hearing, Democratic senators Edward Markey and Richard Blumenthal introduced a bill that would appear to be the closest U.S. equivalent to GDPR, if passed into law. The CONSENT Act — the Customer Online Notification for Stopping Edge-provider Network Transgressions Act — would make it harder for companies like Facebook to collect people’s information by requiring them to ask people to opt in to such data collection and usage.

Blumenthal teased the bill during Tuesday’s hearing and asked Zuckerberg if he would agree to asking people to opt in rather than opting them in by default when they use Facebook. Zuckerberg hedged. “I think that that certainly makes sense to discuss, and the details matter a lot,” he said.

Zuckerberg also hedged when repeating that Facebook is open to being regulated in the wake of the Cambridge Analytica scandal “if it’s the right regulation,” he said. However the conditions of any regulation may not be up to Facebook.

“If Facebook and other online companies will not or cannot fix the privacy invasions, then we are going to have to, we the Congress,” said Bill Nelson, a Democratic senator from Florida. “How can American consumers trust folks like your company to be caretakers of their most personal and identifiable information? And that’s the question.”

The post Under questioning, Zuckerberg doesn’t help digital advertising’s creepy reputation appeared first on Digiday.

10 Apr 13:26

The American Chopper meme, explained

by Matthew Yglesias

It all goes back to Plato.

An old guy with a handlebar mustache, tattoos visible on his upper arms, says something in an animated tone. A younger man wearing a baseball cap speaks back while gesturing. The old man shouts. A chair flies through the air. Finally, the old man is yelling, red in the face, while pointing in an aggressive manner.

Each panel comes complete with text, and makes for a mini debate — proposition, rebuttal, reaffirmation, second rebuttal, and a final statement.

The resulting memes — based on a scene from the reality TV series American Chopper, which stopped airing in 2010 — aren’t always all that legible. But suddenly, they are everywhere on social media, illustrating everything from the difficulties of pet ownership to the intricacies of the gender wage gap.

Its popularity speaks in part to the fickle nature of mass taste. If the Distracted Boyfriend meme captivated us with its stark simplicity, then the American Chopper more than makes up for its aesthetic shortcomings with its ability to present complicated ideas.

More broadly, in an era of performative social media dunking and tribalism run amok, the Chopper offers a lighthearted way to demonstrate that you actually understand the viewpoints of people on both sides of an issue. And beyond demonstrating your personal virtuosity, dialectic — the argument between two opposing points of view — turns out to be a fairly effective way to convey ideas and information, one that dates back to Plato’s famous dialogue but can be difficult to replicate in conventional media formats.

The American Chopper format touches on important cultural themes about class, money, politics, and reality television that are relevant to 2018. And by forcing the meme author to sympathetically engage with both sides of an argument, it manages to disrupt some of the most dysfunctional elements of online discourse.

American Chopper, explained

The meme derives from a reality television show, American Chopper, that aired on the Discovery Channel and then later its sister network TLC between 2003 and 2010.

The show focused on Orange County Choppers, a custom motorcycle manufacturing company located in the town of Newburgh, New York, in the Hudson Valley. The stylistic differences and vocal arguments between the show’s main protagonists, Paul Teutul Sr. (known as “Senior”) and his son (known as “Paulie” or “Junior”), was the central driving force of the show for most of its run. But after one particularly heated argument in 2008, Junior left both the program and the chopper shop to start his own business.

The meme (which was created in 2011 but didn’t really explode until March 2018) is based on the pivotal scene from the original series in which Senior fired Paulie in a profane, violent, not-that-convincingly-acted moment:

The Teutuls then returned in a somewhat different format with a show called American Chopper: Senior vs. Junior that detailed the rivalry between their two shops. It was canceled after two seasons, but a rebooted version of the show is scheduled to come out this May — with the producers doubtless hoping the meme will have enough staying power to still be around at the premiere.

The central joke of the Chopper meme is to reimagine this scene as a heated disagreement about a highbrow topic rather than a profane dispute about work schedules.

The Chopper meme implicates Trump-era class politics

Part of what makes the meme work is that you don’t actually need to be familiar with the show to read the facial hair and cap as class signifiers. At the same time, the dispute is clearly taking place in an office setting — reflecting the reality that the Teutuls are wealthy business owners and television stars rather than struggling workers.

This dichotomy between economic status and the sociocultural aspects of “class” has become a hallmark of the Trump years, in which political disagreements between white Americans have come to be deeply polarized between the more and less educated even while the policy orientation of the GOP remains overwhelmingly focused on the wealthy.

The Teutuls are, in this sense, the perfect Trump-era Republicans — a couple of lowbrow regular guys who happen to be incredibly rich business owners who’d probably appreciate a big tax cut for pass-through income. They’re the social and political antithesis of the young, debt-burdened recent college graduates living in expensive cities and struggling to make a living in creative fields — the sort of people who’ve been enthusiastically creating and sharing the Chopper meme.

Just imagine these two arguing about effective communications strategies for an elite aquarium:

But it’s also just a damn good way to communicate.

Socratic dialogue is a good way to teach

A person looking to write a column on the gender wage gap from a progressive perspective often faces a dilemma. Do you focus on the broad headline facts — which are striking and don’t receive the level of attention in public debate that they deserve — even though people with a more conservative view have a well-known objection to the standard characterization of the gap? Or do you delve into a more sophisticated version of the debate, knowing that you’ll immediately lose a large share of the audience?

With the Chopper meme, you don’t need to choose.

The meme functions, in this sense, as a miniature version of one of Plato’s dialogues. Rather than a conventional prose argument, in these books, Plato gives us drama, with Socrates debating one or more fellow Athenians to eventually reach his conclusion. The dialogue format makes the line of argument more memorable and allows for the simultaneous presentation of a clear thesis and a deeper understanding of the issues.

As Stephanie Carvin of Carleton University says, the memes aren’t just funny — they turn out to be genuinely informative.

Arguably, the real lesson here is that a more dialectical form of writing could have been serving us better all along.

After all, one hallmark of the Chopper meme is that for a given instance of it to be any good, the author needs to genuinely understand Junior’s stance and present a coherent and sympathetic version of it — an attitude that is antithetical to much of current social media practice.

Chopper memes are an antidote to the social media dunk contest

The dialectical form of instruction contrasts with a pattern of interaction and debate that is all too common on the modern-day internet: Rather than engage with each other’s ideas, debate participants simply “dunk” on the remarks of others, aiming to receive praise from their followers.

Michael Grunwald, for example, promoted his lengthy essay on Scott Pruitt’s real record at the Environmental Protection Agency with a brief and necessarily oversimplified tweet.

The environmental journalist Rebecca Leber then quote-tweeted Grunwald, arguing that his tweet was missing crucial context about the full scope of Pruitt’s activities.

Grunwald then fired back, asserting without evidence that Leber hadn’t even read his story.

The reality of this unnecessarily contentious back-and-forth is that Grunwald’s article does note all the things Leber accused him of downplaying, but it’s also clearly true that Grunwald is downplaying that stuff in favor of his core thesis: “The truth is that Scott Pruitt has done a lot less to dismantle the EPA than he — or his critics — would have you believe.”

A more dialectical presentation would reveal a disagreement over points of emphasis. Leber and Grunwald are both smart people and skilled writers who are very familiar with the relevant issues here, and no doubt either of them could write a Chopper meme that lets Junior make some good points.

Instead, they shouted at each other unproductively, just like the father-son duo at the heart of American Chopper.

And that’s the beauty of the Chopper meme — by giving the author a degree of distance from the argument, it allows us to transcend the tendency of online debate to degenerate into precisely the kind of chair-throwing pointlessness that it depicts.

09 Apr 08:32

När jag hackade Spotify

by Infontology

Jag var en väldigt tidig Spotify-användare, tack vare en mailgrupp som jag var med i med glada entreprenörer som kände andra glada entreprenörer.

2009 var det stor Spotify-hype i Sverige, efter att tjänsten öppnat för allmänheten i oktober 2008. Jag jobbade som lärare i interaktionsdesign på dåvarande Växjö universitet och hade haft lite samarbete med Spotify runt en designövning.

En dag postade Rikard från den gamla mailgruppen bilder från när han hade varit och hälsat på en polare på Spotify. Jag hade tråkigt och drömde om de coola företagen som jag ville jobba för, och som inte låg i Växjö. Jag tittade på Rikards bilder och föreställde mig företagskulturen. Rikard hade tagit bilder på en massa ställen, till och med i serverrummet. Där är all musiken tänkte jag. Och så tänkte jag att det var konstigt att han fick plåta där – på mina gamla arbetsplatser hade det inte varit möjligt.

I bakgrunden på bilden från serverrummet såg jag några etiketter. Jag laddade ner bilden och förstorade den maximalt. Då kunde man läsa namnet på servern, typ http://s341.spotify.com.

I princip alla såna servrar ligger ju bara på det interna nätet, men the hacker spirit (som jag normalt inte har, så låt oss kalla det rastlöshet) fick mig att lägga in servernamnet i webbläsaren.

Jag fick upp en kataloglistning, så där teknisk med underkataloger med benämnda med två hexadecimala bokstäver 00 till ff. Jag blev chockad över att ha hittat något, men förstod inte vad. Jag klickade på en länk i högen och fick en likadan listning. Klickade igen, och där fanns de: mp3-filerna.

Jag minns att jag bara satt och stirrade. Jag insåg då att de förstås kunde se i sina serverloggar att mitt IP-nummer hade varit där, men jag kunde inte tänka mig att någon hade satt en speciell övervakning på en sådan server. De skulle hitta mig först senare.

Det var omöjligt att motstå frestelsen att ladda ner en fil. Den hade ett sånt där hopslumpat hexadecimalt filnamn också, men all metadata fanns med och filen var spelbar, inte krypterad.

Vad skulle jag göra? Ringa Aftonbladet och skicka dem namnet på servern, eller maila Spotify och informera om luckan?

Det tog mig trekvart att bestämma mig. Det fanns så mycket rolig musik på Spotify, ständigt tillgänglig, och om en sådan säkerhetsmiss kom ut skulle de stora skivbolagen kanske kräva att de skulle stänga ner. Och vad skulle jag vinna på saken? En artikel i Aftonbladet, och sen skulle jag bli känd som den som sabbade Spotify? Jag skulle inte ens komma i TV.

Jag hade ju haft kontakt med Spotify tidigare och mailade dem. Det tog fem minuter och sen kom det ett brev där de tackade så hemskt mycket för att jag hört av mig. Säkerhethålet var stängt.

Rikard heter egentligen något annat. /Simon

09 Apr 06:48

The dots do matter: how to scam a Gmail user

by jim

I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account. Here I show that this is a new kind of phishing scam which is enabled by an obscure feature of Gmail called “the dots don’t matter”. I then argue that the dots do matter, and that this Gmail feature is in fact a misfeature. Finally I’ll suggest some ways the Gmail team can combat such scams in future. But first, I’ll show you the email:

email from Netflix

“Odd,” I thought, “but OK, I’ll check.” The email is genuinely from netflix.com, so I clicked the link. It logged me in and took me to an “Update your credit or debit card” page, which is genuinely hosted on netflix.com. No phishing here. But hang on, the “Update” page showed my declined card as **** 2745. A card number I don’t recognize. Checking my records, I’ve never seen this card number. What’s going on?

I finally realized that this email is to james.hfisher@gmail.com. I normally use jameshfisher@gmail.com, with no dots. You might think this email should have bounced, but instead it reached my inbox, because “dots don’t matter in Gmail addresses”:

If someone accidentally adds dots to your address when emailing you, you’ll still get that email. For example, if your email is johnsmith@gmail.com, you own all dotted versions of your address:

  • john.smith@gmail.com
  • jo.hn.sm.ith@gmail.com
  • j.o.h.n.s.m.i.t.h@gmail.com

Netflix does not know about this Gmail “feature”. Externally, jameshfisher@gmail.com and james.hfisher@gmail.com are different identities, and should have their own Netflix accounts. I signed up for Netflix account N1 backed by jameshfisher@gmail.com in 2013. But in September 2017, someone, let’s call her “Eve”, created a new Netflix account N2, backed by james.hfisher@gmail.com.

Eve has access to account N2 because she set its password when signing up, but I also have access to the account because I own james.hfisher@gmail.com, and so I can follow the password reset process for this account. I did so.

Eve loves her TV! She’s watched 587 titles in six months, all from her “Android Device” in Alabama. She watched three seasons of Trailer Park Boys over a single day in October. She consumed nearly every day until 22nd March, when Netflix put her account “on hold” due to payment failure. Eve had paid for these shows. She paid $13.99 every month for her Premium plan, until February when her card **** 2745 (also billed to Huntsville, Alabama) was declined.

Perhaps this was all a mistake? Perhaps Eve is actually one of the twelve James Fishers in Huntsville, AL, and perhaps he typed his email address in wrong when he signed up months ago. Netflix doesn’t do any email address verification when you sign up; you can start watching shows straight away.

But perhaps this was not a mistake but a scam. I was almost fooled into perpetually paying for Eve’s Netflix access, and only paused because I didn’t recognize the declined card. More generally, the phishing scam here is:

  1. Hammer the Netflix signup form until you find a gmail.com address which is “already registered”. Let’s say you find the victim jameshfisher.
  2. Create a Netflix account with address james.hfisher.
  3. Sign up for free trial with a throwaway card number.
  4. After Netflix applies the “active card check”, cancel the card.
  5. Wait for Netflix to bill the cancelled card. Then Netflix emails james.hfisher asking for a valid card.
  6. Hope Jim reads the email to james.hfisher, assumes it’s for his Netflix account backed by jameshfisher, then enters his card **** 1234.
  7. Change the email for the Netflix account to eve@gmail.com, kicking Jim’s access to this account.
  8. Use Netflix free forever with Jim’s card **** 1234!

Where is the security flaw here? Some would say it’s Netflix’s fault; that Netflix should verify the email address on sign up. But using someone else’s address on signup only cedes control of the account to that person. Others would say that Netflix should disallow the registration of james.hfisher@gmail.com, but this would force Netflix and every other website to have insider knowledge of Gmail’s canonicalization algorithm. Still others would say that Netflix’s “update your payment details” email should force a manual login, instead of using an authenticated link.

Some blame lies with Netflix, but I believe the main problem lies with Gmail, and specifically Gmail’s “dots don’t matter” feature. The scam fundamentally relies on the Gmail user responding to an email with the assumption that it was sent to their canonical address, and not to some other address from their infinite address set.

Some Gmail power users might claim: “The dots-don’t-matter feature is great. I get ownership of an infinite set of email addresses!” But firstly, no one wants this infinite set of email addresses. Those who really want infinite addresses already have the “plus labelling” feature: I also own jameshfisher+spam@gmail.com, jameshfisher+work@gmail.com et cetera. Plus labelling has similar scam potential, but some legitimate use cases. But I have certainly never wanted j.ame.s.h.fis.h.e.r@gmail.com, and John Smith never wanted jo.hn.sm.ith@gmail.com. I have never asked someone for her email address only for her to reply, “it’s jane.doe@gmail.com, but feel free to add the dot wherever you like.” Each Gmail user has one email address that they think of as theirs; all the others are mistakes.

Not only do Gmail users not want these extra addresses, most are not even aware that they have these addresses. I’m sure my parents are unaware that they own an infinite set of email addresses. They won’t know this, because Google have never told them, and this is not how email works anywhere else. Even the most technically minded Gmail power user refers to “my email address”, not to “my infinite set of email addresses”.

Even those Gmail users who are aware of their infinite set of addresses are probably unaware of the scams that this exposes them to. We teach people about “phishing” due to emails from dodgy email addresses, but we don’t teach people anything about phishing due to emails to dodgy addresses. Nevertheless, the result is the same: the victim loses money to someone else.

And even in the rare case that a Gmail user is aware of their infinite set of addresses, and they’re aware of the phishing attacks that this can expose them to, this user is unlikely to pick up on it, because the user interfaces of Gmail and Inbox don’t hint anything about a possible scam. In fact it barely even acknowledges that the email was to a non-standard address. The only clue in the screenshot above is that the interface says “to james.hfisher”, instead of “to me”.

The Gmail team should combat this kind of phishing. They should officially acknowledge that dots-don’t-matter is a misfeature. Indeed, the Gmail team admitted that dots-don’t-matter is “confusing” way back when they announced the feature in 2008. Each Google account should have one variant configured as its standard address; I would set jameshfisher@gmail.com as standard, and maybe John would set john.smith@gmail.com as standard. If an email is sent to a non-standard address, it should be shown with a warning:

how to show phishing

Finally, Gmail users should be able to opt out of dots-don’t-matter. I wish for any mail sent to james.hfisher@gmail.com to bounce instead of reaching my inbox. The dots-don’t-matter feature should be disabled by default for any new Google accounts, and eventually retired.

Follow-up

This article has spread around the web. I’ll do a full follow-up soon. In the meantime, here are some links:

05 Apr 13:07

The Sinclair Horrorshow Is the Result of Decades of Failing to Take Media Consolidation Worries Seriously

by Karl Bode

For decades, consumer advocates and media watchdogs have warned about the dangers of media consolidation and the nation’s obsession with often-mindless merger mania. And for just as long, many consumers and tech analysts ignored those warnings, clearly bored by concerns that such consolidation harms quality local reporting, competition, and quality discourse.

They’re paying attention now.

Sinclair’s planned $3.9 billion acquisition of Tribune would give it ownership of more than 230 broadcast stations, reaching 72 percent of the American public. Given that the broadcaster has been widely criticized for “news” that tends to be facts-optional on a good day, the company’s expansion efforts have seen renewed criticism in light of America’s disinformation problem.

This week, a new Deadspin report and video drove that point home, highlighting how the company demands that its local news anchors repeat factually-challenged, pro-Trump missives in relatively creepy nationwide unison:

Opposition to Sinclair’s blockbuster deal is bipartisan. Democrats argue the merger will allow a broadcaster with a tendency toward hyperbole to further mislead the American public. Republicans worry that the merger will have a profoundly negative impact on the ability of smaller news outlets to make inroads in a market already dominated by giants.

“A free and diverse press, a bedrock principle of American democracy, will be crippled by this proposed merger,” Conservative-leaning Newsmax said in a filing with the FCC opposing the deal (Newsmax’s CEO, Chris Ruddy, is a close Trump ally.)

“The level of media concentration proposed by this transaction will homogenize the content available to U.S. consumers, eliminate unique viewpoints, and reduce press diversity, especially in the delivery of local news,” Newsmax added.

In the wake of the viral video, Sinclair employees have also expressed their frustration with Sinclair’s messaging and management style, but note that the company structures employee contracts to severely financially penalize any employees that might consider leaving.

Despite the cacophony of opposition, FCC boss Ajit Pai has been undaunted in his efforts to kill off media consolidation rules exclusively to aid Sinclair’s expansion ambitions. Pai’s apparent coziness with Sinclair has been so blatant, it prompted a corruption investigation by Pai’s own bipartisan agency Inspector General, launched back in February.

In December, Pai’s FCC voted to eliminate a cap that prevents any one broadcaster from reaching more than 39% of the nation. Pai also made quick work of a 77-year-old rule that required broadcasters keep a local studio in the towns they service to encourage community participation, as well as rules preventing broadcasters from owning more than two TV stations and one radio station in the same market.

All of the rules have been used for decades to protect local news outlets and regional journalism from monopoly harm. But much like we saw during his extremely-unpopular net neutrality repeal, Pai isn’t moved by criticism or hard data, insisting that his policies are simply an attempt to modernize outdated regulations.

“The media ownership regulations of 2017 should match the media marketplace of 2017,” Pai proclaimed last year, adding that he was “dragging the broadcast rules into the digital age.”

"Every element of our media policy is custom-built for the business plan of Sinclair Broadcasting"

But consumer advocates, competitors, media watchdogs and Pai’s fellow Commissioners have been quick to point out that “old” rules don’t automatically equate to “bad” rules, and that Pai’s simply pandering to massive media and telecom monopolies (not exactly a new tactic for arguably one of the least popular individuals on the internet.)

“Every element of our media policy is custom-built for the business plan of Sinclair Broadcasting,” Democratic FCC Commissioner Jessica Rosenworcel told The Daily Beast last month. “That is stunning, it is striking, and it looks like something’s wrong. And I’m not the only one to think that. We’re burning down the values of media policy in this agency in order to service this company.”

Of course mindless mergers and acquisitions mania has been a bipartisan obsession for years, and much like the man that chose him to run the FCC, Pai is simply taking long-standing cronyism and revolving-door-regulation to the next level.

Time and time again, both parties tend to sign off on massive mergers, often applying only meaningless conditions that companies tend to ignore with limited repercussions. More often than not, said mergers result in higher prices and a litany of consumer harms, none of which get remembered by the time the next megadeal approval rolls around.

In this case, consumer advocates have already been warning that Sinclair hopes to dodge any remaining media consolidation limits by using partner shell companies to hoover up any remaining assets the government tries to prevent “Sinclair” proper from acquiring.

Deal critics hope that the FCC’s investigation forces Pai to recuse himself from the vote, or that hard data will somehow force Pai to reconsider approving the company’s megamerger when it comes up for a vote later this year. But given the FCC’s obvious disdain for hard data and the public welfare witnessed during the net neutrality repeal, you’d be hard-pressed to find many people willing to hold their breath.

05 Apr 08:57

The rationalization of publishing

It was not a dumb idea. It may have even been the right idea at the time.

That is: With no printing costs and the ability to reach a much larger audience, publishing — the kind that had been traditionally supported by a combination of direct consumer dollars and advertising — could be supported by advertising alone. If so, it would be a huge win/win: Free information for the world and strong businesses with global reach.

It wasn’t obvious 20 years ago that by going down that road, publishers — who traditionally differentiated on brand, quality, and audience — were entering a commodity business that would be dominated by software and scale. And, even if it was, was there a better option? Getting money from consumers over the internet wasn’t easy back then. Entering a credit card was a lot of friction, and no one trusted it. Besides, publishers were getting paid. Advertisers still cared about brand and context. And, really, how bad was a little banner ad? It’s not like they were taking over your screen and tracking you across the web. And certainly they weren’t influencing what was getting published. It was an okay trade-off for access to great content (most of which was paid for by print ad money anyway).

The only thing that went wrong was the inevitable. Business always optimizes for where the money comes from, and advertisers weren’t in it for the public good. Which means they eventually got the better end of the deal, with the rest of us suffering through an experience that was necessarily compromised.

That story has played out. It will continue to play out for years — free, cheaply produced content isn’t disappearing. It will just get worse. But there will also be an abundance of non-free, non-cheaply produced content that an increasingly large and discerning audience is hungry for.

Look at the renaissance in television — it was driven by a better (non-advertising) business model. Even though there’s still plenty of free, ad-supported TV. A hundred million households pay Netflix alone for delicious, differentiated, ad-free fare. Look at music. At one point, the sky was falling in that industry because everyone was downloading music for free. Yesterday, Spotify went public and is worth $30B, helping the labels bounce back with them.

With both TV and music, the consumer offering is far superior to anything we had before, and there are more options for creators. (True, musicians at the top aren’t making as much as the glory days — but far more musicians are making some money, and it’s way easier than ever to get your music out to a fanbase.) This is the power of a differentiated, competitive market — increasing quality and convenience for consumers, and riches for the winners.

There are three arguments you typically hear against the TV and music/publishing analogy:

This is silly. It might not be as big as entertainment, but the global demand for information — I’m talking news, journalism, analysis, opinion, essays, instruction, etc. — is not small. There are certainly some people who only will pay for entertainment, but the people who have the most money care about understanding the world and their place in it.

This also doesn’t make a lot of sense. People value time, convenience, and quality. People read more than ever. And books are still a multi-billion dollar market.

This is true and would be a problem if you also assume: They will continue to be able to get it for free and/or the thing they’re asked to pay for is the same as they’d get for free.

People are not dumb. But their information diet has been subsidized by print ad revenues and no-longer-sustainable digital CPMs for a lot of years. It will be painful, especially for publishers, to ween off that drug. But supply and demand will kick in. As paywalls go up (and, inevitably, many publishers go out of business), there’s just going to be less great stuff to get for free.

Will people just lower their standards? Perhaps. In fact, our standards have been gradually lowering for years. We’ll read crap on the web we wouldn’t have put up with in print. But as advertising gets replaced with better business models (subscription, inevitably), people will see they can expect more. No one was clamoring to pay more for TV before The Sopranos came around. (People subscribed to HBO for the second-run movies.) No one even imagined such TV. Now we can’t stand to sit through ads or crappy content. The same thing will happen.

There is — and probably always will be — a surplus of free content. But that’s like saying there’s a surplus of free food in the dumpster behind the alley. Some of it may be perfectly good, but most of us would rather pay for something more reliable and convenient if we’re able. And many people will pay a lot for something superior.

This is the case in media — TV and music, as mentioned, but also video games and radio make billions per year from consumers who can access free alternatives. But it’s also the case in every other market, from coffee to clothes. People choose the level and style they want and are willing to pay for — and providers compete to get their business.

The reason quality — of content and experience — has gone down in publishing, not up, despite the power of competition and technology, is because publishers are competing for advertiser dollars, not audience dollars. Business model is gravity. Once publishers are competing for audience dollars, the product they produce will get dramatically better.

This is not to say that every publisher just needs to start charging a subscription, and people will run for their credit cards. (Monthly recurring revenue FTW 💸!) The average thinking, reading person reads from dozens of sources per month. Even if they were very cheap, there will be subscription fatigue. Cognitively, and economically, people will be able to rationalize a handful of content subscriptions at most (in addition to their 2–3 music/TV subscriptions).

Outlets that are very big in terms of content volume/frequency or that have superfans will be able to make subscriptions work — see NYT and The New Yorker. Or that have very low costs and a niche audience — see Stratechery.

That leaves out the vast majority of publishers in the world. If everyone had a digital wallet in their browser and was willing to do micropayments as they cruise around the web, that might be a solution. But that’s very unlikely. And, it’s not clear how to design that to create a healthy feedback loop (i.e., keep click bait and popularity from being rewarded over quality).

There is a likely solution, though. And it’s, again, demonstrated by other media types. There’s a reason we don’t subscribe to TV shows or our favorite bands individually: 1) It would be a pain in the butt. 2) It would be a much worse deal. We pay for bundles, which give us access to lots of options. It’s great, and it will be great for published content, as well.

There won’t be a Spotify of publishing — with literally everything you want. But there will be a Netflix and Hulu and Amazon, etc. — each with a substantial amount of things you want. You might also have your superfan subscriptions (Patreon-based individuals), and your company-expensed subscriptions (The Information), but most consumers will have one or two of the big bundles.

Publishers generally don’t like this idea, but I think it will actually be good for creators, as well as consumers. In the same way that Spotify gets a lot more money from consumers to record labels and musicians than they could on their own. Netflix does the same for studios and show producers. Both pay for marketing, discovery, and technology infrastructure that allows creators to do their job. (The fact that small publishers have to be experts in technology, and distribution, and, now, funnel optimization, is a huge drain.)

Who will offer these bundles? Well, Apple just bought one. So far, Google and Facebook are talking about helping publishers charge subscriptions individually, but I’d expect a bundle down the road as publishers get comfortable with it. Startups like Blendle are developing alternatives. And of course, Medium has a growing bundle of thousands of independent writers and publishers. In the end, the best convenience and value for the consumer will win.

And at the same time, writers and publishers who offer high-value, differentiated content that competes for its ability to drive revenue from consumers, not just eyeballs, will win, as well.

This is a world I’m looking forward to.

05 Apr 08:56

The Man Who Spent $100K To Remove A Lie From Google

Jeff Ervine poses for a portrait in the office of his home on the Upper East Side of Manhattan. In 2010, Ervine searched his name on Google and discovered a website with defamatory content labeling him as a con artist.

Elias Williams for NPR

In Europe, if there's a webpage with information about you that you don't like — because it's either inaccurate or just too personal — you can make Google hide it from search results. Google has done exactly that with more than 1 million pages in Europe. It's part of a growing legal movement in Europe that grants people "a right to be forgotten" on the Internet.

In the U.S., however, even in the most dire cases, the law doesn't protect people that way.

Jeff Ervine had a great career. He was chief operating officer of a hedge fund that managed over $1 billion, and then he started his own fund.

But in 2010, things took a dark turn. After some professional contacts overseas told him to check out Google search results about him, he was shocked by what he discovered: The first result when he searched his name was a website called Con v. Con. He clicked on it and saw a picture of himself, dressed in a tuxedo, standing beside his wife, who was in an evening gown.

The site warned that Ervine was actually a con artist who tried to trick a "know nothing" kid into a "sweet heart deal."

"It was very dark," he recalls.

The author of the website, a 26-year-old named Hakan Yalincak, wanted to take down Ervine for having helped the law put the young man behind bars.

The two had first met years earlier, when Yalincak and his parents wanted to set up a fund to invest their money. They came to Ervine for help. They were accompanied by what seemed like just the right cast of characters: Their lawyers were from an elite Chicago firm; their bankers vouched for the millions in their accounts; New York University, where Yalincak was a student, was going to name a building on West 4th Street in Manhattan after the family.

But little things bothered Ervine from the beginning. Subtle social cues seemed off. Unlike other rich people, these folks didn't talk about fancy schools or vacation destinations. Nor was there any name-dropping — social norms he had gotten used to in his dealings with the filthy rich.

"That's part of their bravado and their egos," Ervine says. "But the Turks and Caicos never came up. Art Basel never came up."

Then one night, Ervine met the family for dinner at a Victorian house converted into a farm-to-table restaurant in the New York area. After dessert, Yalincak said his driver would be coming to get him. But out on the curb, Ervine spotted him jumping into a beat-up cab.

"The hair stood up on the back of my neck," Ervine says.

He called a friend — a military veteran with contacts at the FBI — and soon the bureau unearthed a suspicious legal trail and launched a criminal investigation. In that case, Ervine handed over the information he had collected on the family and spoke with law enforcement.

He thought the matter was over. Yalincak was convicted of fraud, sentenced to 42 months in prison and then deported.

But from Turkey, he wanted to make Ervine pay for his actions. The website Con v. Con was designed to destroy Ervine's reputation.

"You are helpless and you're hopeless. And what can you do? It's like slut-shaming or anything else that goes on on the Internet today," Ervine says about his experience trying to get Google to top highlighting a slanderous website about him.

Elias Williams for NPR

At first Ervine shrugged it off. But then prospective clients and partners kept bringing it up. "I'd spend the first 15 minutes explaining the story" in every meeting, he says. It had happened right after the financial crisis and the Bernie Madoff scandal — not a great time to try to explain yourself.

Ervine knew he couldn't talk any sense into his attacker. But he assumed he could get Google on his side. He had lawyers fax and mail a letter to Google's chief counsel, with a simple request: Please stop highlighting this site in search results. Google ignored the request. Ervine was shocked.

"You are helpless and you're hopeless. And what can you do? It's like slut-shaming or anything else that goes on on the Internet today," he says.

Google holds the position that in the U.S., it's not obligated to remove defamatory content or lies from search results. It'll consider it if there is a court finding. Even then, it's really up to Google's discretion. So Ervine's lawyers sued the website creator. It took more than a year — to establish jurisdiction, to serve the papers overseas and to win the case.

The final court hearing was extraordinary. Judge James Holderman, of the U.S. District Court for the Northern District of Illinois, apologized to Ervine on behalf of the American justice system. "You, in my opinion, have done everything right — you have been a model citizen, you have assisted your government in exposing and prosecuting fraud on other people — and then you are victimized," he said for the court record. "I wish I could do more."

Ervine's lawyers rushed to Google with the judgment. And then it took a few months for Google to respond that yes, the company would help; then another month to actually do it.

No wonder that winning didn't feel like victory for Ervine.

In fact, even after Google stopped listing the defamatory site, the search page added a disclaimer — in red letters — that Ervine's results had been altered. It looked like he had something to hide, not like Google had made the mistake of highlighting false information. This warning remained in effect for months, even though it doesn't appear any longer.

"There's no humanity or kindness in Google. It's not about anyone else. It's all about Google," Ervine says.

NPR submitted a summary of his case to Google for response. A spokesman said he isn't certain why even after Ervine won his judgment it took Google so long to take down its reference to the malicious website. And then the spokesman added: "We don't comment on individual cases."

Ervine's lawyer Charles Lee Mudd Jr., who has represented dozens of Americans defamed online, says, "It truly happens to be a wild world on the Internet."

But in Europe, it's a different world. In response to new privacy rules imposed by the EU, Google has buried more than 1 million pages on that continent because the subjects of those pages say that the content is unreliable or simply too personal. In the U.S., no such "right to be forgotten" exists.

Ervine says his reputation was damaged and it hurt his career. Today, he is building a tech company called Bridg-it, to protect people like him who have been attacked online. He doesn't want anyone else to pay like he did. All told, Ervine spent about $100,000 in legal fees. In Europe, he would have just filled out a form.

04 Apr 12:03

David Hogg Thinks His Conspiracy Theorist Trolls Are Full of Shit

by Sophie Kleeman

Parkland shooting survivor David Hogg isn’t the first human flashpoint for conspiracy theorists—he’s not even the first school shooting survivor to become one—but the 17-year-old does have a strategy for dealing with them.

It appears to be this: Call bullshit with abandon.

In a conversation with VICE in March, Hogg and his family responded to the various claims that have been repeatedly lobbed at him: he’s a crisis actor, he’s a communist, he’s basically Hitler reincarnate, he’s a lackey of George Soros.

“I don’t care,” Hogg said. “I don’t. I have bigger, more important things to focus on than these stupid conspiracies that aren’t true in any way, shape or form, have no validity, and don’t hold their weight. At all … these people are going to keep trying to take us down but that’s how we know what we’re doing matters … whenever someone tries making a change that matters, and a change for the better, there’s always someone that tried stopping them.”

Pointing out the absurdity of the threats and conspiracy theories has acted as somewhat of a buffer. “These people have no fucking life. To go after a witness of a school shooting, it’s pathetic, and as my dad was saying, it’s fucking weird,” he said.

This attitude is consistent with Hogg’s previous declarations. He’s gone after everyone from former sheriff and noted media hated David Clarke—he said “You disgust me” after Clarke tweeted that the Parkland teens were connected to George Soros— to Fox News host Laura Ingraham and her advertising revenue. He chalks this approach up to his age, which is both encouraging (today’s teens know how to harness and handle the internet better than any of us) and depressing (this is likely the only version of the internet they’ve experienced.)

“[We’re] the generation of 9/11, the recession, cyberbullying, and school shootings,” he said. “We’ve had to live around that and through that our entire lives. We’ve had to learn to deal with these sick fuckers that are saying this stuff, that are out there, claiming that we’re not real people, claiming that we’re actors—and we know not to let this stuff online affect us.”

(The attitude may also come from his mother, who at one point said, in reference to online threats made against her family, “You fucked with the wrong mama bear.”)

“To the people that are out there that actually believe what he says, do some fucking research and show me some credible evidence to what he’s saying about me.”

Hogg brings up several incidents—he said an “NYPD officer” showed up in his DMs and called him a “little bitch”—but he reserves particular ire for Alex Jones, the face of InfoWars and an infamous conspiracy theorist who has floated the idea that Sandy Hook was a hoax.

“The lovely man that is Alex Jones, who believes that water turns people gay, sells snake oil, which, by the way, great snake oil, it’s called Jones brand snake oil … he’s a conspiracy theory-peddling alt right fuck who doesn’t do any research,” Hogg said. “Honestly, the guy’s pretty smart in the sense that he’s able to fool all these Americans—well over two million—into believing all the crazy shit he says, just so he can sell them stuff.”

Part of the reason Hogg and his activist classmates have stuck out so much is because they have an unusually sophisticated grip on what makes movements like this successful. It’s notable that they’re viewed as beacons of light, because in some ways, they’ve proven themselves adept at recognizing humanity’s darker impulses.

“There was a short time when I was like, ‘oh god, this is like, scary and stuff,’ but then I realized, this is great advertising,” he said of the conspiracy theories. “It’s keeping us in the press, it’s keeping us relevant, and it’s continuing our story.”

“I think this is somewhat of a problem with platforms, and it always will be, in the sense that you can’t control every single person that makes these things,” Hogg said at another point. “But the power in politics and the power in media lies with the advertisers and the people that actually give you money."

“To the people that are out there that actually believe what he says,” he added, “do some fucking research and show me some credible evidence to what he’s saying about me.”

In some ways, it’s refreshing to hear these kinds of zero-tolerance statements—particularly given that the call to boycott Laura Ingraham’s advertisers was met with a whole lot of bad-faith hand-wringing—though they can come across as perfectly clipped soundbites.

But given that this sort of fear-mongering is likely to happen again (and again, and again, as long as massacres like Parkland continue), Hogg and the other teens have helped create a new kind of blueprint for how to respond. Jones, Clarke, and Ingraham aren’t the only attention-grabbers anymore.

04 Apr 06:56

GDPR is leaving publishers with a newsletter list problem

by Max Willens

Dear American publishers that think they will be fine when the General Data Protection Regulation takes effect next month: Check your email.

As brands, agencies and publishers scramble to get their data collection, usage and storage situations in line with European regulations, few have gotten their email newsletter subscriber operations into a GDPR-compliant state, either by securing affirmative consent for use of subscribers’ data or by updating their email onboarding process so people give consent when they subscribe.

Some haven’t done it because they have their hands full with other facets of GDPR compliance. Others haven’t because they’re still trying to figure out if their current situations are, in fact, acceptable under the regulations. Others are waiting for third-party providers to deliver tools to help navigate the problem. Still others are reluctant to do anything that could put a meaningful dent in their newsletter subscriber counts.

“This is definitely a risk,” said Brad Schorer, the president and CEO of data and marketing consultancy Digital Segment. “They need to prepare to have the steps in place to allow for their readers to opt out of the newsletter and/or be able to produce the level of detail on them that the publisher has in house.”

A common misconception about the GDPR is that it is for European companies. In fact, the GDPR covers any company that collects data from European Union citizens, which is to say most every publisher. Publishers have liability if they have any EU citizens on their email newsletter lists. Under GDPR rules, publishers must be able to point to a specific date when a reader affirmatively consented to have their data used by publishers. That covers all email subscribers, not just those acquired after the GDPR takes effect on May 25.

Most publishers don’t have those dates on file, particularly for email subscribers they’ve had for years, which presents them with an uncomfortable choice: Send an email asking European newsletter audiences to opt back in, risking a percentage of their subscriber base dropping out, or do nothing and hope the law is enforced for bigger violations.

“Any communication to consumers always entails the possibility of losing readerships due to opt-outs for any number of reasons,” Schorer said.

Many publishers also have to figure out how to get readers to actively consent, a break from the user experience templates that readers have been trained to expect in recent years. “It’s difficult to funnel people into signing up as it is,” said one source who oversees newsletter operations at one large publisher. “Now, we have to go completely out of the way to make sure consent is explicit by not having pre-checked boxes. Users have learned behavior that assumes boxes will be checked, and now we will have to teach them new behavior.”

The GDPR, to this point, has been a worry for European publishers, which have been busy hiring data protection officers and trying to build unified login systems to minimize shock when the regulations are enforced. As the May 25 enforcement date has drawn closer, fears among European publishers have subsided a bit, according to Digiday Research.

Yet many American publishers draw sizable chunks of their audience from outside the U.S. Just over 10 percent of The Washington Post’s digital subscriber base, for example, is based abroad. The New York Times said 14 percent of its 2.6 million digital subscribers reside abroad, though that number does not exactly correspond with its 13 million email newsletter subscribers; the Times does not break out the country of origin of newsletter subscribers.

Some publishers are trying to be proactive, despite the minimal risk to their business from being GDPR-compliant. At Morning Brew, a business-focused newsletter publisher with 180,000 subscribers and an open rate that hovers around 45 percent, just 3 percent of its subscriber base resides in Europe. But the company decided to add a double opt-in system to its newsletter onboarding program, in part because it minimizes bad actors taking advantage of its referral program and in part because it sees upside in adapting its system in ways that emphasize transparency and privacy.

Morning Brew is still trying to confirm that every facet of its business is GDPR-compliant, but it said it expects to be by next month. “The way we justified it is we need to do right by our readers,” Morning Brew co-founder Alex Lieberman said.

The post GDPR is leaving publishers with a newsletter list problem appeared first on Digiday.

03 Apr 07:19

‘An aggressive ask’: Publishers bristle at agencies’ demands for first-party data

by Lucia Moses

Ad agencies using data to retarget publishers’ audiences is nothing new. But multiple publishers said they’re getting more frequent, onerous demands from ad agencies wanting to get their hands on that audience data.

Sometimes agencies merely ask for the audiences’ social media IDs so the agency could retarget them on Facebook, using people’s Facebook’s IDs. Of greater concern to publishers is when the agency asks for all the IP addresses of people targeted by a campaign, which would permit the agency to retarget them elsewhere using its data management platform. Increasingly, publishers say, the agencies are asking for permission to use this data in perpetuity.

Publishers said Publicis agencies including Spark and GroupeConnect are the most aggressive, requiring that publishers accept clients’ pixels for campaign analysis and retargeting, but that they’re increasingly getting similar demands from other agencies.

A Publicis agency document sent to a publisher as recently as January said it requires the media partner to accept a pixel for the advertiser to use for attribution analysis and audience segmentation. “We’re also looking to build partnerships with publishers that will allow pass back of impression and click data for targeting/retargeting purposes. In this scenario, we’d look to potentially retarget users who were exposed to our ad on site A (your site) within our DSP,” the document read.

A Publicis Media spokesperson said this language isn’t common in the holding company’s contracts. “We take data privacy very seriously and adhere to all applicable privacy laws and regulations,” the company said in a statement. “Consistent with long-standing industry practice, campaign information is used to help advertisers better understand how their advertising is performing and to optimize relevancy. We do not use publisher first-party audience data with the intention of finding these audiences elsewhere.”

It’s legitimate for the advertiser to use tracking pixels for attribution purposes, following a consumer to understand what led someone to take an action on an ad, said one publisher, speaking anonymously for fear of retribution by agencies. But “I’m not OK with thinking because you served an ad on our site, you own our audience,” the publisher said. The other worry is the agency will use the audience data for other clients. This publisher will only agree to let the agency use the audience data for attribution purposes, but that puts the burden on the publisher to keep track, and often the publisher finds the agency is using the tags for retargeting.

Publishers and agencies alike see the asks as part of a wider story about agencies under siege. Agencies, squeezed by other companies trying to horn in on their business and clients who are cutting their fees, are scrambling to prove their worth to clients by showing they have differentiated data and targeting capabilities. Steve Buors, CEO of Reshift Media, said the programmatic dashboards that agencies use are flawed, leading agencies to lean on publishers. “Because the dashboards are mostly using third-party data, there is a certain degree of invisibility of using the programmatic dashboard these days,” he said. The question then becomes: Who owns the consumer data in the first place?

“We’re seeing more requests for access to publishers’ first-party data,” said David Spiegel, CRO of Inverse. “Everyone’s trying to claim they should own the data in the marketing relationship. It’s an aggressive ask, so hopefully publishers are considering the ramifications.”

Publishers say they try to push back against these requests. The anonymous publisher exec said if the publication has a strong relationship with the client, the exec can do an end run around the agency and call the client directly and complain, and that puts a stop to the problem. That can work if the publisher is a must-buy for the advertiser. But it’s a matter of who has the bargaining power and how much ad revenue is at stake. And long term, the publisher worry is that if they give over their data to win an agency’s business, they’ll be contributing to their own irrelevance. Already, many advertisers have sought to fully own the branded content that publishers create for them.

Evan Krauss, svp of global sales at Ranker, has gotten audience data requests with greater frequency from clients and agencies alike where, for example, an advertiser might want to reach women 25-34 and add Ranker’s data on movie enthusiasts to its data set. “Let’s say we saw it twice in the fourth quarter; we saw it 15 times in Q1,” he said of these data requests.

“Agencies are looking to built up their proprietary DMPs,” he said. “We have a lot of unique data; we have people voting specifically for things they like or don’t like. But if someone is buying heavy movie enthusiasts on Ranker and they can buy them anywhere else for cheaper, that means they don’t have to come to Ranker as much. Our theory is we have enough value, but it has a yellow flag up.”

Now that consumer privacy has been thrust to the forefront with the revelations that Facebook user data was misused, and with the enforcement of the General Data Protection Regulation starting May 25, publishers are finding their voice in pushing back. “GDPR provides us a backstop to say we can’t let you pixel people because they haven’t given consent to all the ways you’re using data,” the unnamed publisher said. That’s more effective with global campaigns, since the GDPR requires companies to get consent to collect data on European consumers, but U.S. agencies are less GDPR-aware, the publisher said. “U.S. agencies don’t realize the extent of the issue and the penalties,” this person said.

Some agencies look askance at this whole practice and question its efficacy in the first place. Buors said Reshift doesn’t often ask publishers for their first-party data, saying brands’ data is of higher quality. Eric Smith, executive director of innovation at Mediassociates, said his agency uses a publisher’s audience data to optimize a campaign, not to retarget, and the agency values the publisher relationship and believes a campaign loses value when it targets people off the publisher’s site anyway.

“There’s not a need to steal or clone or misuse publishers’ data,” Smith said.

The post ‘An aggressive ask’: Publishers bristle at agencies’ demands for first-party data appeared first on Digiday.

03 Apr 05:33

With Golf Digest, Conde Nast tees up first of several consumer marketing efforts

by Max Willens

Condé Nast said it would launch multiple consumer revenue projects this year to diversify its revenue streams. Its first swing at one, Golf Digest All Access, which launched April 2, offers more than 200 instructional videos, live and interactive coaching clinics, plus a print subscription to Golf Digest, for $9.99 per month or $100 per year.

All Access was two years in the making and fits Condé Nast’s overall strategy for pursuing consumer revenue, where each title is responsible for growing this business, be it through paywalls like The New Yorker’s and Wired’s, content or commerce. In typical Condé Nast fashion, the corporate office is mostly hands-off, though centralized digital strategy, consumer marketing and product development teams all pitch in.

“The ideas will come out of the brands,” chief digital officer Fred Santarpia said. “The folks that are living and breathing the brand every day almost always have the best ideas of what’s going to resonate.”

Chris Reynolds, Golf Digest’s digital gm, said All Access was shaped by the fact that instructional content attracts the most engaged readers. Seventy percent of the site’s audience reads at least some instructional content, but the most engaged audience members would look at it four to five times every month.

Some of that content is free to visitors. But last year, Golf Digest began selling instructional video courses a la carte for $10 apiece. The first course, “12 Days to Better Golf,” was released in April 2017. Since then, Golf Digest has developed almost 60 classes, and it’s sold individual courses to 10,000 customers. Reynolds said Golf Digest is raising the price of individual classes, eventually to $24.99.

Golf Digest priced All Access lower than the courses to encourage people to subscribe, which drives recurring revenue. The low price point was meant to make it easy for people to subscribe and for Golf Digest to later add on and charge for other services, such as exclusive photos or tee times.

Golf Digest also opted for a subscription model based on a 2017 survey of amateur golfers that found that 75 percent of respondents said they did not have a favorite golf instruction subscription; the company with the highest share, Revolution Golf, had just 5 percent of the market.

Santarpia said whatever progress All Access makes will be shared across Condé Nast titles.

“We’re going to be tracking what the conversion rate is against those loyal users,” Santarpia said. “We’re going to try and superserve them, and white-glove it. It’s not about broadening it out to a mass product.”

The post With Golf Digest, Conde Nast tees up first of several consumer marketing efforts appeared first on Digiday.

28 Mar 07:41

The Most Powerful Mac Is 6 Years Old and Not Sold By Apple

by Jason Koebler

For many pro applications, the most powerful Mac computer you can buy today is not the $5,000 iMac Pro. The best Mac you can buy today is not new and not even sold by Apple—it’s six years old and is sold by a third-party company in Denmark.

There is a small but growing community of creative professionals—video editors, audio engineers, software developers, 3D modelers, and graphic artists—who are modifying their circa 2009-2012 Mac Pros to be even more powerful than the ones Apple sells today. Because those computers can use top-of-the-line graphics cards that aren't compatible with the iMac Pro or the 2013-and-onward Mac Pro, these modded computers are crushing the benchmarks of even brand new new computers.

The Mac Pro 4.1 and 5.1 are known in the community as the “cheese grater” Mac Pro towers. These are the last highly upgradeable and modifiable desktop computer that Apple sold before moving to the much-maligned “black trash can” design that is sold today and hasn’t changed significantly since 2013. Upgraded versions of the 4.1 and 5.1 are, in many cases, the fastest Apple computers you can buy today.

People are putting new CPUs, RAM, SSDs, and modern graphics cards in the cheese grater Macs that are, in many cases, superior to what you can buy from Apple today. The Facebook group Mac Pro Upgrade is filled with people scooping up old Mac Pros from eBay and Craigslist and modifying the hell out of them.

“We’re using the skeleton of the machine,” Gianluca Mazzarolo, owner of the Denmark-based Big Little Frank, which makes custom Mac Pros for creative professionals, told me on the phone. “With CPUs, nothing drastic has happened in [the last 3-4 years]. To do what a lot of pros want, you just need a good GPU. We’ve found a way to put two good ones in old Macs. For some things, it’s better than any Mac offered at the moment.”

"We’re helping the company close this huge stopgap between 2013 and whenever they introduce the new Mac Pro"

There are pitfalls: Installing new CPUs sometimes involves “delidding” a processor, which means removing a shield from it to make it compatible with the 4.1 or 5.1. Certain newer components are not compatible because drivers don’t exist. The lack of Thunderbolt ports makes doing this a nonstarter for certain people. Mazzarolo also has had to find a way to reroute the Mac Pro’s power supply to directly power electricity-intensive modern GPUs (as designed, the power is routed—and limited—by the computer’s motherboard.)

Image: Big Little Frank

But many of these potential problems have been completely solved by the community. Like the Hackintosh community, the Facebook group has a running list of compatible and incompatible parts, shares written and video tutorials about upgrading the computers, and has even found a way to upgrade the Mac Pro 4.1 into the Mac Pro 5.1 with a firmware update. As an end-around the lack of Thunderbolt Port, people are using 10 Gb/s ethernet connections to directly connect their computers to massive hard drives that store media.

Big Little Frank’s business is aimed at the “pro” community who feels like Apple let them down by killing the upgradeability of the MacBook Pro and Mac Pro.

“It feels completely ridiculous to be doing this. You cannot go to Apple.com and find a computer better than these,” Mazzarolo said. “I think a lot of people in this group see upgrading the Mac Pro as a cheaper way to get a functional Mac. But I don’t think the point is really the essence. The essence is people wanted more powerful Macs and Apple didn’t give it to them, so we are.”

Various people have been experimenting with their own DIY Mac Pro upgrades, and lots of YouTubers are sharing methods for upgrading the computers.

Mazzarolo is right that there is a wide sect of Apple’s customer base is upset with the fact that it hasn’t updated the Mac Pro since 2013, and new MacBook Pros are both unupgradeable and have only USB-C ports to expand with. Last year, Apple went on a press tour to let the pro community know that the Mac Pro is not dead—but a new model hasn’t yet been announced. In response to this gap in the market, the Hackintosh community has thrived and the Mac Pro Upgrade community has risen.

There are a few reasons why older Mac Pros can become so powerful:

  • Even though cutting-edge CPUs don’t work with them (the drivers often don’t exist, and in some cases the six-year-old motherboard can’t handle them), the Mac Pro 5.1 was designed to accommodate up to 12 cores: “Even though a single core isn’t fast, imagine having 12 of them for video editing and audio—those cores together are faster than my brand-new MacBook,” Mazzarolo said. The new iMac Pro can have up to 18 cores; new MacBook Pros max out at four cores.
  • The 5.1 can take a whopping 128 GB of RAM, which is equal to what a fully upgraded iMac Pro can take and double what Apple says the trash can Mac Pro maxes out at (it’s worth noting that the RAM used in newer Mac computers is usually faster)
  • The 5.1 can be modified to use modern SSDs, which Mazzarolo said are in some cases faster than the ones used in the new iMac Pro
  • The 5.1 can use almost any brand-new graphics card from most manufacturers, which is the main reason why a fully souped-up, old Mac Pro can outperform new computers. “With some rendering engines, the AMD cards that Apple uses [in new Mac Pros] don’t even work,” he said. “In general, even mid-level graphics cards we put in are as fast as those in the iMac Pro. We can put in better cards and we can put in two of those.”

On the Facebook group, Mazzarolo posted benchmarks of one of his custom-built rigs playing 5K, 6K and 8K RED RAW video clips against current-model Apple computers. A new, 15-inch MacBook pro and a recent “trash can” Mac Pro weren’t capable of playing the video at more than 8 frames-per-second. His custom-built model was able to get 24 fps in each case.

Image: Mazzarolo

To be clear, even the most highly modified Mac Pro 5.1 will not be able to outperform newer computers in many day-to-day tasks. These modified computers are specifically made for video editing, graphic design, and audio recording and editing, and many of Mazzarolo’s clients work in those industries. I’ve seen people trying to play brand new video games on some of these older machines, for instance, and they have had wildly unpredictable results.

Mazzarolo also knows that his line of work won’t exist forever. His machines vary in price from $1,500 up to $9,000 (which includes separate external hardware for specific clients.) He tells clients that his computers will likely be competitive for another couple years, and that it will no longer make sense for him to modify these computers in about a year and a half as CPU and RAM technology in stock computers improves to the point where the components that are still compatible with old Mac Pros can no longer compete.

He, like everyone else in the pro world, is anxiously waiting for Apple to announce new Mac Pros. Until they come out, he says he’s doing Apple a favor by keeping people from switching to PC in the meantime.

“We’re helping the company close this huge stopgap between 2013 and whenever they introduce the new Mac Pro,” he said. “That’s a gap that pisses a lot of people off.”

28 Mar 07:22

Fight back against Facebook overcollection with EFF's free Privacy Badger plugin

by Cory Doctorow

Privacy Badger is EFF's free privacy plugin; it blocks trackers and ads from companies that practice "non-consensual tracking," in which your browser's "do not track" instructions are not honored. (more…)

28 Mar 06:54

The Atlantic explains why it hired a columnist who wants a quarter of American women put to death

by Rob Beschizza

Last week, The Atlantic hired Kevin Williamson, a conservative famous for his flamboyant bigotry, a flair most famously exhibited when he wrote that women who have abortions should be hanged along with their nurses and doctors.

Online outrage was immediate, drawing attention to his other greatest hits: transgender women commit genital mutilation and are “effigies” of women; rape accusers should be publicly named; the poor are lazy and their communities should be abandoned; and a comically fabulated account of meeting a black child he compared to a primate and described as "three fifths" of a Snoop Dog. The Atlantic itself described him as "gratuitously nasty" way back in the mists of 2016.

"These are not views one would typically associate with the Atlantic," wrote Jordan Weissman at Slate. Sarah Jones, at The New Republic, wrote that it marks the mainstreaming of the reactionary right.

What I noticed, though, was the general assumption that The Atlantic's current brass simply didn't know about the things he'd written. Williamson deleted his Twitter account, after all, as if to hide his past from his new editors. (Compare to the New York Times, which recently hired a columnist only to fire her hours later over tweets it claimed it had never seen.)

But I had a hunch: I thought (and said as much) that Williamson was hired explicitly because of what he had written about women, black kids and the poor. To well-off center-leaning liberals, Williamson is the perfect post-Trump conservative: superficially literary, ostentatiously nasty, profoundly disgusted by the weak, yet (and this is super-duper important) opposed to the current president.

Atlantic editor Jeffrey Goldberg explained today why he hired Williamson. Nailed it! Not only was Goldberg and The Atlantic aware of Williamson's writing, they love it: "I recognized the power, contrariness, wit, and smart construction of many of his pieces. I also found him to be ideologically interesting". Moreover, Goldberg was party to Williamson deleting his Twitter account, to ease his transition from the reactionary right to columnist at a liberal-ish magazine.

A couple of months ago, in one of our conversations, I mentioned some of his more controversial tweets, and in the course of that conversation, he himself came to the conclusion that Twitter was a bad place for him to be, and he spiked his account. I took this to be a positive development and a sign of growth.

Goldberg's rationale also makes clear something else, though: they (rather sanctimoniously) think that Williamson has "grown" beyond his National Review persona, and that his willingless to do so is part of why they hired him.

I don’t think that taking a person’s worst tweets, or assertions, in isolation is the best journalistic practice, I have read most, or much, of what he has written; some of his critics have not done the same. I would also prefer, all things being equal, to give people second chances and the opportunity to change.

Emphasis mine. This is the most revealing thing in all this. Goldberg implies that the things Williamson wrote were a kind of ideological clothing, flourishes that say nothing sincere about the man. His attitude will change as easily as a pair of socks--at least when the right foot is put forward under their masthead.

In other words, they simply don't take what Williamson has said seriously.

A conservative (I can't remember who--if you know, tell me) recently wrote something very insightful about (I think) liberals. Liberals, he wrote, tend to think conservatives and Christians don't really believe what they say. They assume it's all posture and imposture in pursuit of politics. They constantly call conservatives "trolls". As I recall, the author proposed that this is a projection, a tell, revealing the feckless, floating indifference to morality at the left-end of America's political mainstream.

Goldberg's explanation for hiring Williamson seems the perfect illustration of this.

Frankly, I'm with the unnamed conservative of my memory (or perhaps imagination). Williamson's beliefs are not a pair of rhetorical socks. I accept that the things Williamson has said are the things that Williamson believes. I suspect that his enmity toward women and minorities runs cold and deep. Goldberg should think seriously about such people who read and work at The Atlantic, left to quietly wonder where Williamson keeps his rope.

27 Mar 06:41

ICE uses Facebook's backend to hunt immigrants, with help from Palantir

by Cory Doctorow

Public records requests have shown that the Immigration and Customs Enforcement -- who have continued and intensified Obama's program of mass deportations and separation of families under Trump -- uses Facebook's logs, merged with logs from cellular carriers and analyzed by software from Palantir (Peter Thiel's police-state arms-dealer) to track immigrants. (more…)

22 Mar 12:22

Facebook för närvarande

by Hexmaster
Det har sagts om och om igen: Gör inte skojiga tester på Facebook. För när du klickar in dig för att få reda på vilken Game of Thrones-karaktär du är, hur du ser ut om 50 år, "9 av 10 kan inte lösa detta [busenkla] problem" osv. så ger du de som ligger bakom rätt att använda de uppgifter som Facebook har om dig – och om dina vänner.

Måtte det sista börja sjunka in nu. Tillsammans med en hel del annat, som är för stort och komplext för en enkel bloggpost, så har det inneburit det största avbräcket hittills för världens viktigaste företag. Och det syftar inte på att de tappat en halv biljon (över 500 miljarder kronor) i börsvärde på ett par dagar utan förtroende.

Den bästa sammanfattningen jag hittills sett är, inte helt oväntat, den på Wikipedia:
In 2018, whistleblowers revealed that personal information from over 50 million Facebook users was sold to Cambridge Analytica, a political data analysis firm that worked for Donald Trump's presidential campaign. The data was collected using an app created by Global Science Research. While approximate 270,000 people volunteered to use the app, Facebook's API also permitted data collection from the friends of app users. When the information was first reported Facebook tried to downplay the significance of the breach, and attempted to suggest that the stolen data was no longer available to Cambridge Analytica. However, with increasing scrutiny, Facebook issued a statement expressing alarm and suspended Cambridge Analytica, while review of documents and interviews with former Facebook employees suggested that Cambridge Analytica was still in possession of the data.
Appen ifråga "harvested Facebook data using a personality app under the guise of academic research". Kanske någon billig hittepå-psykologi à la Thomas Erikson?

Därtill har Facebook inte betett sig särskilt vuxet, för att uttrycka det milt:
According to The Guardian reporter Carole Cadwalladr who broke the story, both Facebook and Cambridge Analytica threatened to sue the newspaper if it published the story and continually tried to prevent its publication. After the story was published anyway, Facebook claimed that it had been "lied to". Cadwalladr said that Facebook was trying to shift the blame onto a third party. Nick Thompson of Wired and CBS News pointed out that Cambridge Analytica obtained all the personal data without to having "breach" Facebook, and that "It didn't work because somebody hacked in and broke stuff, it worked because Facebook has built the craziest most invasive advertising model in the history of the world and someone took advantage of it."
 - Wikipedia: Facebook#Cambridge Analytica breach (mina markeringar)

Gissningsvis kommer detta inte att innebära något större tapp räknat i användare. Men det är ju inte dem som Facebook tjänar pengar på. Måhända de kommer att få något svårare att få uppmärksamhet från annonsörer i den seriösare delen av det spektrat. Och ännu svårare att sälja in prylar som den så kallade Facebook-pixeln, "ett analysverktyg som hjälper dig mäta hur effektiva dina annonser är genom att tolka åtgärderna personer utför på din webbplats".




20 Mar 07:51

Why We're Not Calling the Cambridge Analytica Story a 'Data Breach'

by Lorenzo Franceschi-Bicchierai

On Saturday, an investigation by The New York Times, the Guardian, and its sister publication The Observer revealed that the data analytics firm that helped the Donald Trump presidential campaign had harvested the Facebook data of more than 50 million people in an effort to profile users and eventually target them with political ads.

In 2014, a researcher collected the data through an app that asked users to take a personality test for academic research purposes. Around 270,000 people agreed to have their data collected through the test, which its creator, Aleksandr Kogan, defined as “a very standard vanilla Facebook app.” But thanks to Facebook’s terms of service and its API at the time, the app was also able to collect data of their friends. This gave the researcher, who later handed the data to Cambridge Analytica, the raw information of more than 50 million people, according to the reports, which were largely based on the account of a former Cambridge Analytica data scientist.

The Observer called it one of Facebook’s “biggest ever data breaches.” The Times only referred to the incident as a “breach” once, using the term “leak” throughout the rest of the article. We at Motherboard believe the use of the expression “data breach” in this case is incorrect and may be confusing to readers.

As the news spread and echoed online, several websites and other publications called it a data breach. Many security experts and researchers—and Facebook itself—believe this is the wrong expression to refer to what happened here.

“It is incorrect to call this a ‘breach’ under any reasonable definition of the term,” Facebook’s chief security officer Alex Stamos wrote in a deleted tweet.

Facebook’s vice president and deputy general counsel Paul Grewal wrote that “the claim that this is a data breach is completely false,” because the researcher who made the app obtained the data from “users who chose to sign up to his app, and everyone involved gave their consent.”

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzo@jabber.ccc.de, or email lorenzo@motherboard.tv

Saying that “everyone involved” consented seems misleading, given that only around 270,000 out of the 50 million people who got their data harvested reportedly signed up for the app. The others probably had no idea this app even existed. And since Facebook changes its privacy settings so frequently, we also don't know if the people who agreed to use the app fully understood what kind of data they were giving up. And no one at the time knew the data would later be handed out to a shadowy data analytics firm hired by the Trump campaign.

While we understand why some are describing the data Kogan handed to Cambridge Analytica as a breach, based on what’s been reported so far, we believe that describing this incident as a breach would, at least at the moment, mislead our readers.

We’ve been regularly covering data breaches for years. No one hacked into Facebook’s servers exploiting a bug, like hackers did when they stole the personal data of more than 140 million people from Equifax. No one tricked Facebook users into giving away their passwords and then stole their data, like Russian hackers did when they broke into the email accounts of John Podesta and others through phishing emails.

In 2014, when Kogan collected the data of 50 million people, he was playing by the rules. At the time, Facebook allowed third party apps to collect not only the data of the people who consented to giving it up, but also their friends’ data. The company later shut down this functionality.

Facebook says the data was misused because Kogan told Facebook he would use it only for academic research. But that might be the only anomalous thing about this case.

Facebook obviously doesn't want the public to think it suffered a massive security breach, like Yahoo did in 2013 and 2014. We agree not because we want to minimize the significance of the Cambridge Analytica story, but because the real story is far more troubling: This data collection was par for the course. In other words, it was a feature, not a bug. And while the process that Kogan exploited is no longer allowed, Facebook still collects—and then sells—massive amounts of data on its users.

As Zeynep Tufekci, the author of Twitter And Tear Gas, put it, Facebook’s vehement defense that this was not a data breach is itself actually a damning statement of what’s wrong with Facebook, and Silicon Valley’s ad industry in general.

“If your business is building a massive surveillance machinery, the data will eventually be used & misused,” Tufekci, a University of North Carolina professor who studies the social impact of technology, wrote on Twitter. “There is no informed consent because it's not possible to reasonably inform or consent.”

Facebook’s security team, Tufekci concluded, can’t mitigate the company’s business model, which is predicated on collecting as much of our data, and our friend’s data, as possible.

We can condemn the misuse of this data, and Facebook’s data collection practices, without calling it a data breach, a term that may confuse readers and distract them from what we believe is the real problem here: Silicon Valley giants have built massive data collection machines with almost no guardrails on how they are used.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.

19 Mar 10:58

Clearchannel took over America's local radio, Bain Capital took over Clearchannel, Clearchannel went bankrupt

by Cory Doctorow

As I've written, the demise of newsmedia can't be blamed on tech -- rather, it was the combination of technology and deregulated, neoliberal capitalism, which saw media companies merged and acquired, vertically and horizontally integrated, with quality lowered, staff outsourced and assets stripped, leaving them vulnerable to technological shocks, after all their in-house experts were turned into contractors who drifted away, their physical plant sold and leased back, their war-chests drained by vulture capitalists who loaded them up with debt that acted like a millstone around their necks as they strove to maneuver their way out of their economic conundrum. (more…)