This is why Big Tech sites are free of cost, and thriving

I picked up on this today after noticing ZenArmor blocking masses of attempts on my network from a mobile device trying to phone home for an app called Appsflyer. It seems it is embedded into apps for Meta (which operates Facebook, Instagram, and WhatsApp), X, TikTok, Google Ads, Hulu, eBay, etc. It tracks and analyses user behaviour, supposedly inside those apps.

The linked video is explaining to app developers and its customers how it works, and how in 2022 there were nearly 2 billion active users. But pretty damning, at 04:14 it says it can even track users who have uninstalled the application (really, how?). No mention at all in the video about any customer rights, or rights to opt out of this tracking.

The company, Appsflyer I imagine, is a licensed partner of Apple and Google.

Now we can see why some companies get really rich off their free sites, and why decentralised open source platforms have to keep appealing for donations and cannot scale very big otherwise. The difference is those open source platforms respect their users’ privacy, and they live or die by donations and grants (whether in money or labour forms).

See
#Blog, #adverts, #bigtech, #technology, #tracking

EU OS: Community-led Proof-of-Concept for a free Operating System for the EU public sector

EU OS is a Proof-of-Concept for the deployment of a Fedora-based Linux operating system with a KDE Plasma desktop environment in a typical public sector organisation. Other organisations with similar requirements or less strict requirements may also learn from this Proof-of-Concept.

It is led by a community of volunteers and enthusiasts. The project goal is to become a project of the European Commission.

Despite the name, EU OS is technically not a new operating system. Distrowatch lists currently over 250 Linux operating systems (‘distributions’) and their various flavours, spins or subvariants are not even counted in. The added value of EU OS is a different one:

• a common Linux OS as a base for all EU OS users with options to layer on top modifications (national layer, regional or sector-specific layer, organsation-specific layer)
• a common desktop environment
• a common method to manage
• users and their data
• software
• devices

The aims of this project are very similar to that of SAOSS (South African Open Source Software) but the advantage of the EU is that there are a number of firmly established OSS implementations already in place in a few countries within their public sector.

In South Africa, most of the initiatives within the public sector have died out, apart from maybe one municipal district in the Eastern Cape. I was part of one initiative in the South African public sector, and it passed with flying colours, but a change of political leadership very quickly killed off the project just one month before it was due for its permanent switch over.

So, I have three vital pieces of advice for any open source project within the public sector, and they have nothing at all to do with the technology:

1. Strike hard, fast, and with momentum when you have willing political leadership in place. If leadership changes there is a very good chance you could lose your sponsors, because in government a change of leadership does mean a different stance/focus (unlike in the private sector).
2. Do not take things for granted. A lack of opposition does not mean the private sector is behind you. Quite often with government, the Big Tech proprietary companies will stop engaging with IT managers, and they will engage at a political and non-technical level instead.
3. Smaller, local companies have a good chance of benefitting from open source when government drives it. You need to get them actively on your side with regard to training, support, customisation, etc. Standardisation is important here as they want to invest their time in one standard suite of products, not a wild west of different competing products. One approach is to involve them in this decision-making. They can still compete to provide the services.

See eu-os.gitlab.io/category/uncat…
#Blog, #EU, #opensource, #publicsector, #technology

Begun, the drone wars have...

Scientists have created what they say is the world's smallest untethered flying robot, by taking a unique approach to its design. To minimize size and weight, they've moved the bot's power and control systems out of its sub-centimeter-wide body.

Measuring just 9.4 mm in width and tipping the scales at 21 mg, the robot is being developed by Prof. Liwei Lin and colleagues at the University of California, Berkeley. The bot's 3D-printed polymer body consists of a four-bladed horizontal propeller, encircled by a "balance ring." Protruding up from the center of the propeller is a small vertical ring that holds two puck-shaped neodymium permanent magnets – each one is 1 mm wide by 0.5 mm thick.

The robot is powered and steered by an alternating magnetic field which is externally generated along a single axis. As the bot's two magnets are simultaneously attracted to and repelled by that field, they cause the attached propeller to spin, creating lift. Once the robot has become airborne, its balance ring adds rotational inertia, producing a stability-boosting gyroscopic effect.

Uniformly increasing or decreasing the strength of the magnetic field moves the robot up or down by causing it to spin faster or slower, respectively. And by varying the magnetic field's strength over horizontal distance, it's possible to move the bot forward, backward, or sideways accordingly.

#Technology
#Robots

https://newatlas.com/robotics/worlds-smallest-untethered-flying-robot-magnetic-field/

Twitter’s Birdwatch is Fundamentally Flawed

Earlier this week, Twitter announced an initiative to combat misinformation on their platform that they call Birdwatch.

How Birdwatch works: Volunteers sign up (assuming they meet all the requirements) and can add notes to fill in context on misleading tweets. Other users can rate these contextual tweets as helpful or not helpful. All of these “notes” and ratings of notes are completely transparent.

Credit: the Birdwatch website
Credit: the Birdwatch website

At its face, Birdwatch is an attempt to scale up the existing fact-checking capability used during the 2020 U.S. Elections while also crowdsourcing this decision-making.

I will give Twitter credit for two things, and only two things, before I get into the problems with their design.

1. They’re distributing the power to fact-check bad tweets to their users rather than hoarding it for themselves.
2. They correctly emphasized transparency as a goal for this tool.

But it’s not all sunshine and rainbows.

The Fatal Flaw of Birdwatch’s Design

There’s an old essay titled The Six Dumbest Ideas in Computer Security, that immediately identifies two problems with Birdwatch’s design. They also happen to be the first two items on the essay’s list!

1. Default Permit
2. Enumerating Badness

This is best illustrated by way of example.

Let’s assume there are two pathological liars hellbent on spreading misinformation on Twitter. They each tweet unsubstantiated claims about some facet of government or civil service. Birdwatch users catch only one of them, and correctly fact-check their tweet.

What happens to the other liar?

What happens if Birdwatch users can only identify one out of ten liars? One out of a hundred? One out of a thousand?! Et cetera.

(Art by Khia.)

To be clear: The biggest flaw in their product design is simply that their “notes” and “fact-checks” are negative indicators on known-bad tweets.

This will create a dark pattern: If a tweet slips past the Birdwatch users’ radars, it won’t be fact-checked. In turn, users won’t realize it’s misinformation. A popular term for the resulting conduct is coordinated inauthentic behavior.

This already happens to YouTube.

https://youtu.be/1PGm8LslEb4

Hell, this is already happening to Twitter:

https://www.youtube.com/watch?v=V-1RhQ1uuQ4

How To Fix Birdwatch

I wrote an entire essay on Defeating Coordinated Inauthentic Behavior at Scale in 2019. I highly recommend anyone at Twitter interested in actually solving the misinformation problem to give that a careful consideration.

(Art by Swizz.)

But in a nutshell, the most important fix is to change the state machine underlying Birdwatch from:

• No notes -> trustworthy
• Notes -> misinformation

…to something subtly different:

• No notes -> unvetted / be cautious
• Notes ->
  
  • Negative notes -> misinformation
  • Positive notes -> verified by experts

  
  

This effectively creates a traffic light signal for users: Tweets start as yellow (exercise caution, which is the default) and may become green (affirmed by notes) or red (experts disagree).

What Would This Change Accomplish?

Malicious actors that accomplish Birdwatch evasion will only manage to encompass their message in caution tape. (Metaphorically speaking, anyway.)

If their goal is to spread misinformation while convincing the recipients of their message that they’re speaking the truth, they’ll have to get a green light–which is ideally more expensive to accomplish.

Bonus Round

I would also recommend some kind of “this smells fishy” button to signal Birdwatch contributors that this tweet needs fact-checking. Users might self-select into filter bubbles that Birdwatch users are totally absent from, and in turn come across things that are completely unvetted and possibly ambiguous.

While I have your attention, here’s a quality of life suggestion, on the house:

Being able to link claims together (e.g. reposted images with a false claim, n.b. like how the minions memes on Facebook) to deduplicate their claims about reality would save a lot of unnecessary headache.

(Anyone who has used Stack Overflow will appreciate the utility of being able to say “this is a duplicate of $otherThing”.)

What If These Fundamental Flaws Remain Unfixed?

Although Birdwatch will probably meet the immediate goal of scaling up the fact-checking efforts beyond what Twitter can provide (and satisfy the public relations requirements of tangibly doing something to combat this problem), propagandists and conspiracy theorists will simply become incentivized to evade Birdwatch contributors’ detection while spreading their lies.

As I said above, coordinated inauthentic behavior is already happening. This isn’t some abstract threat that only academics care about.

To the aid of the malicious, most users will confuse tweets that evaded detection with tweets that didn’t warrant correction. This might even lead to users trusting misinformation more than they would before Birdwatch. This would be a total self-own for the entire Birdwatch project.

#bullshit #computerSecurity #enumeratingBadness #misinformation #SocialMedia #Technology #Twitter