An App Outage Ruined My New Year’s Resolution, Because This Is How We Live Now
I began this year planning to embrace that most early-January of clichés: the annual mass pilgrimage to the gym. I didn’t care if more consistent exercisers scorned my amateur-hour efforts and ignorance of mat etiquette; I would start the year off on the right foot, which is to say a hip’s-width distance from and parallel to my other foot—mountain pose, in yoga parlance. 2018, let’s do this.
Instead of belonging to a gym I use ClassPass, a subscription service for fitness classes. For a flat monthly membership fee—I pay $75, which gives me either five classes or 45 “credits” under a new system ClassPass is testing—I use it to book classes at a mix of different studios. Many of these offer “boutique” takes on spinning, barre, and various other things that people like Gwyneth Paltrow are always raving about. I signed up last year after years of not belonging to a gym or studio, and I hoped prepaying for a set number of classes would actually inspire me to show up. It’s more expensive than the unlimited access you get through many standard gym memberships (though cheaper, per class, than paying the upfront price of most of these studios), and though it’s been around for a few years and is available in 40 cities, it’s precisely the kind of coastal-snob nonsense I would mock if I didn’t find it so exceedingly convenient.
So there I was this Wednesday, all set to begin my new year’s fitness journey, when ClassPass, for the first time, failed me. It wouldn’t book the class I picked; the site kept turning out errors. I got out my phone and tried to book using the app, and no luck. Even though my selection was a not-too-special yoga class at the off-peak hour of 8 p.m., it seemed possible it was full, maybe of others trying to jump-start their resolutions. But then I couldn’t book my second and third choices either. For maybe 20 minutes I toggled between my laptop and phone, click-click-clicking on the “reserve class” button, each tap reinforcing that maxim that the definition of insanity is doing the same thing over and over and expecting different results. For all the stress of it I would probably need a second yoga class.
ClassPass later confirmed that it had been having a problem with some reservations and cancelations, but by the time it was back up it was too late for me; my exercise window passed me by. (Just like so many people lapping me on the track in high school gym class. Sigh.) The timing was inopportune—three days into the new year, just as we, the resolved, were gearing up to kick 2018’s butt.
I probably should have shrugged this off as an everyday inconvenience, but I managed to convince myself (and my editor!) that the outage, on this of all weeks, was actually history’s greatest tragedy. Examining the situation in a completely rational and objective way, I quickly came to the conclusion that there’s pretty much no way ClassPass can ever really make this up to me. Let’s say the service offers me additional class credits for the inconvenience: That would just mean I have two more credits to use up, with zero exercise actually accomplished. Extra credits won’t make these muscles work themselves! Does the service understand how rare it is for a person (me) to actually get psyched up about exercising? It’s an impossible-to-fake feeling, and it was going to set the tone for my whole year. Who knows, I may have even exercised so hard at that Wednesday class that I would have filled my quota for the entire year in one go and would already now, as I write some other article instead of this one, be incredibly fit. What I’m saying is that those bozos messed up my life irrevocably and short of providing cosmetic surgery or inventing time travel, there’s no way to make up for my lost attendance at this one, ever-so-crucial yoga class. And I would have told ClassPass all of that in a strongly worded letter, if I weren’t afraid of being flagged as unstable and banned.
Breathe. Assume child’s pose.
Yes, there’s a new year’s moral here, and it’s not that apps, when they work, can empower us to be the new and improved selves we imagine. It’s that we shouldn’t need them for that—or so many of the other useful but unnecessary ways they make our lives easier.
It would be easy to blame ClassPass and other on-demand services of its ilk for transforming me into the kind of spoiled brat who flips out when she can’t get her fancy exercise class due to a technical glitch. But I think the real lesson of becoming overly dependent on the vagaries of some startup is not to become so reliant on anything. The day after my ClassPass freakout, Mother Nature dumped a “bomb cyclone” on the Northeast, delaying my exercise plans yet again. Tech isn’t going to disrupt weather anytime soon, and it’s never going to be perfect every time.
As useful as tools like ClassPass can be, they’re not the only ways we have to better ourselves, the tech industry’s messianic promises notwithstanding. It’s great if we’re using them to realize our new year’s ambitions, but as good a resolution as any would be learning to let apps, startups, and other new-fangled services complement our lives and habits without overdetermining them. Next time my boutique fitness solution fails me, I resolve to exhale before I start having a meltdown. Hey, maybe I should download one of those meditation apps.
Major Tech Lobbying Group Supporting Legal Push to Restore Net Neutrality
The Internet Association, a D.C.-based tech lobbying group representing industry titans like Google, Amazon, and Twitter, will be filing legal arguments as an intervening party in support of the legal push to restore net neutrality, according to a report from Recode’s Tony Romm.
The Bright Side of the Two Intel Chip Security Vulnerabilities
It was only a matter of time before we started naming security vulnerabilities after James Bond movies. If the names selected for the two microprocessor vulnerabilities announced this week—Spectre and Meltdown—haven’t brought fear to hearts of the computer-using public, it can only be because they were overshadowed by weather forecasters’ breaking out the label “bomb cyclone” for this week’s East Coast snowstorm. The vulnerabilities affect almost all of the microprocessors manufactured by Intel, the company that makes the chips used in most personal computers. (For years it was the world’s largest computer chip manufacturer but its chip sales were surpassed by Samsung over the summer. Samsung’s chips are primarily used in mobile devices, however.)
Both Meltdown and Spectre reportedly could allow intruders to steal all of the data stored in the memory of a computer using one of the affected chips, but one is much easier to fix. Meltdown has been addressed with software patches issued by Microsoft and Apple, as well as several browser manufacturers. Spectre, meanwhile, apparently cannot be fixed with a software update. We’ll have to wait for a new generation of computer chips, and personal computers, before it can be addressed.
Hardware fixes are, by nature, much slower and more difficult (and more expensive!) than software fixes since they require all of us to go out and buy new computers rather than just downloading a patch—though convincing people to install updates is a challenge of its own. The fact that we rely on pretty much just one company to manufacture microprocessors for personal computers makes it that much harder, of course.
So that’s the bad news, but there’s also some good news in this story. Spectre and Meltdown were discovered by a group of independent, academic, and industry researchers, including a team at the Graz Technical University in Austria, researcher Paul Kocher, and Google’s Project Zero security team. Happily, their contributions are being celebrated and appreciated even by Intel, despite the fact that none of the researchers works there. That’s not always a given for people working on, or even just writing about, vulnerabilities in other companies’ products.
Just last month, Keeper Security filed a lawsuit against Ars Technica security editor Dan Goodin for publishing an article about vulnerabilities in Keeper’s password management service. In November, researcher Kevin Finisterre discovered a vulnerability in the products of drone manufacturer DJI and reported the issue to the firm. But he said the company later threatened to bring a lawsuit against him under the Computer Fraud and Abuse Act. (No such lawsuit has been filed.) So independent security research is still far from being universally accepted or encouraged by major tech firms. It’s heartening to see Intel embrace it—and it’s an important reminder of the incredible value in having people outside a company test its products and services for security flaws.
It’s also heartening to see how quickly the major cloud computing companies, including Google, Microsoft, and Amazon, patched their systems to protect against the Meltdown vulnerability. One of the stranger things about the media coverage of Specter and Meltdown has been its emphasis on the idea that these vulnerabilities are especially dangerous for cloud computing, in which multiple customers’ data may be stored on the same servers. The New York Times called Meltdown “a particular problem for the cloud computing services run by the likes of Amazon, Google and Microsoft” while The Verge said, “The CPU catastrophe will hit hardest in the cloud,” but in fact cloud services have done more to protect themselves against the newfound flaws than most of the rest of us.
Were those services not immediately patched, it’s true, the vulnerabilities could well have caused major problems. Someone with access to an account on one of their cloud servers could potentially have accessed other customers’ data. But since they were in fact immediately patched, they’re probably one of the safest places to store your data right now if you’re worried about someone exploiting Meltdown. Far from being crisis, Meltdown was a success story of cloud computing—patches rolled out across a handful of huge companies effectively serve to protect the data of millions of customers worldwide.
There’s an understandable inclination in the aftermath of the discovery of a new security vulnerability or data breach to make it out to be as apocalyptically terrible as possible if only so people will read about it. That’s not always a bad instinct, as sometimes it helps draw people’s attention to the problem in productive ways by encouraging them to install patches or change compromised credentials. But there are also happier stories underlying some of these discoveries, and it’s important not to lose sight of those.
Joke Cryptocurrency Dogecoin Surpasses $1 Billion Market Cap
Shiba inus are strange dogs. Though their compact, angular faces give them a cartoonish, welcoming appearance, those that I’ve known have been surprisingly aloof. And while their coats may seem puffy and squeezable, all that plush-looking fur tends to be bristly when you stroke it. I imagine that many adopt them on their online reputation alone, only to learn that what looks adorable at a distance is sometimes unpleasant up close.
There might be a lesson in this for adherents of Dogecoin, a cryptocurrency inspired by a meme that was itself inspired by the shiba inu breed. But if there is, it’s not clear that anyone is listening. Originally created in 2013 as a joke, the cryptocurrency recently surpassed $1 billion market capitalization, according to the site CoinMarketCap.
Not everyone is excited. As Coindesk reports, Jackson Palmer, Dogecoin’s creator, suggests that the currency’s increasing value represents a worrisome trend, partly because the currency—with which he is no longer involved—“hasn’t released a software update in over 2 years.” It’s certainly not the first time Palmer has sounded the alarm. In September 2017, Palmer told the New York Times that he worried the cryptocurrency market as a whole was headed toward a “reckoning.” At the time, Dogecoin had peaked at a market cap of about $400 million.
CNBC, meanwhile, quotes a digital commodities trader who suggests that the appeal of Dogecoin for some investors may be that the individual coins are themselves quite cheap: At the moment, there more than 112 trillion of them in circulation, with each unit costing about a penny. That presumably makes it easy for the curious to put their toes in the water. But it’s entirely possible that when their interest fades, so too will the currency.
Still, I’m reluctant to prophesize the death of Dogecoin, if only because so many others have before. In 2015, Motherboard reported on a scam that devastated the cryptocurrency’s amiable community. In 2017, the bot that allowed investors to tip others in Dogecoin died, leading Gizmodo to predict in May that the currency itself would soon lapse into obscurity. For all that, Dogecoin has far outlived the popularity of the meme that helped spawn it—no small feat on the mercurial modern internet.
In the scheme of things, though, Dogecoin is still small potatoes. As I’m writing this, CoinMarketCap lists the total market cap for the 1,384 cryptocurrencies that it tracks at around $763 billion. Nevertheless, the rise of Dogecoin is an important data point in the larger story of the unregulated and volatile marketplace. It’s one that speaks to appeal of enthusiastic, speculative investment, even when all signs should point to caution.
Former Uber CEO Travis Kalanick Plans to Sell 29 Percent of His Stake in the Company
Travis Kalanick, the co-founder and former CEO of Uber, is planning to sell 29 percent of his stake in the company according to Bloomberg. Sources with knowledge of the plan claim that he’ll make $1.4 billion from the deal with a group of investors led by Softbank, who had previously valued the company at $48 billion in December in their agreement to buy equity.
The Chairman of Ripple is About As Rich (on Paper) As the Founders of Google
Chris Larsen, the co-founder and executive chairman of the blockchain company Ripple, saw his net worth soar to $59.9 billion (on paper) on Thursday, according to a report from CNBC. This made him—theoretically—one of the five richest people in America, worth more than Google founders Larry Page ($50.7 billion) and Sergey Brin ($49.3 billion).
Netizen Report: Iranian Authorities Blocking International Web Traffic, Messaging Platforms
The Netizen Report offers an international snapshot of challenges, victories, and emerging trends in internet rights around the world. It originally appears each week on Global Voices Advocacy. Mahsa Alimardani, Ellery Roberts Biddle, Nevin Thompson, Mohamed ElGohary, James Losey, Vishal Manve, Talal Raza, Juke Carolina Rumuat, and Sarah Myers West contributed to this report.
Amid the powerful wave of public protests that have taken place across Iran over the past week, authorities are clamping down on communication and information sharing over platforms like Telegram and Instagram.
On Jan. 2, sources who work at Iran’s internet exchange point told the Center for Human Rights in Iran that the government ordered them to disrupt access to international traffic by bumping every other international data packet off their network. This means that international data cannot be consistently accessed in Iran.
Restrictions have been on the rise since Dec. 28, when protests broke out in the northeastern city of Mashhad over unemployment, rising food prices, and charges of wrongdoing directed at both reformist and conservative government leaders. The demonstrations quickly spread to smaller towns and major cities. On Dec. 31, the Islamic Republic of Iran Broadcasting service announced that authorities had “temporarily” suspended Telegram and Instagram “to preserve the peace and security of citizens.” This is a serious move in Iran, where other large-scale platforms like Facebook and Twitter have been blocked since the 2009 Green Movement protests.
Google Researchers Tricked an A.I. Into Thinking a Banana Was a Toaster. So I Tried It, Too.
While people may fear that artificial intelligence is getting too smart for our own good, researchers at Google have recently found that it still might not be clever enough to thwart human bad actors. In a study released in late December, researchers from Google designed a patch—which can be either a physical or digital image—that can trick machine learning into thinking an item is something else. In this case, the patch confounded machine learning into recognizing a banana as a toaster.
This isn't the first “adversarial” technique that’s been used to fool A.I. (Remember these glasses? They obscured patterns used by advance facial recognition software enough to identify people, tricking it into thinking wearers looked like the opposite gender or even famous celebrities.) But the previous research in this area focused on full image manipulation and imperceptible changes that would need to be adjusted for each new attack. Google’s patch, by contrast, is “scene independent” and has a universal application. So, in theory, you could use the same patch to manipulate an image of a banana, a weapon, or something else, in any location.
What makes the finding even more formidable is researchers have found it effective in both “white box” settings (where researchers have access to the A.I.’s underlying algorithms) and “black box” settings (where they don’t.). Combine those two and you could get, say, bad actors using a sticker to manipulate security software into thinking a gun is a toaster. That’s quite scary, especially when humans actors are being used less and less to validate A.I. judgments. “Even if humans are able to notice these patches, they may not understand the intent of the patch and instead view it as a form of art,” researchers point out in the paper
The paper claims that the A.I. will identify an object as the faux toaster IRL with 99 percent confidence. You can see a Google researcher testing the physical patch against a banana here:
An A.I. skeptic, I took it upon myself to test this magic sticker using potential threats found at my desk: scissors and a pen. To do this, I downloaded Demitasse, an app the Google researchers recommend in their paper for at-home use. To test the app, I tried to identify both objects independent of any manipulations. It failed to identify the scissors at all. Out of roughly 10 trials, it only ranked “ballpoint” pen as the right object for my pen once.
I had slightly more luck with kitchen items. I was able to get the app to recognize both a banana and a printed picture of a toaster.
But when I combined the “adversarial” patch (which basically looks like a toaster melted in a rainbow) with my banana, the results were less spectacular:
The app didn’t suggest the classifier output as a toaster or a banana—maybe not a big surprise given its struggle to identify either to begin with. Of course, there are a lot of things that could have gone wrong in my experiment. It involved an iPhone app (that kept crashing), a piece of paper, and a less than perfect-looking banana. The patch also isn’t optimized for printability, according to the paper. Tricking the app into thinking my scissors were a toaster likely also failed because the patch is less effective in universal applications unless it’s resized. That, and the fact that the app clearly wasn’t great.
Google’s menacing toaster Shrinky Dink shows that as much as we love to focus on its successes, imperfections are inevitable when it comes to mass utilization of machine learning.
A Major Chip Flaw Affects Nearly Every Computer. Here’s What It Means for You.
Two major vulnerabilities in processing chips from Intel, ARM, and AMD—affecting almost all computers, servers, cloud operating systems, and cellphones made in the past two decades—were revealed by security researchers on Wednesday.
Spotify Is Reportedly Going Public. Could That Be Worse for Musical Artists?
According to a report from Axios, the music-streaming company Spotify quietly filed documents with the Securities and Exchange Commission at the end of December 2017 to put its shares on the market. Multiple sources further claim Spotify is taking the unusual step of filing for direct listing on the New York Stock Exchange rather than for an initial public offering, which indicates that the company wants to start selling shares without first putting on a series of presentations to investors in what’s commonly known as a roadshow. By pursuing a direct listing, Spotify can skirt underwriting fees typically required for an IPO, though the move could hurt its shares because underwriters won’t be evaluating or buoying the price. The company was last valued at around $20 million.