Pranks on Google Maps Keep Getting More and More Racist
First it was Edward Snowden in the White House. Then it was the Android robot peeing on the Apple logo. For weeks Google has been scrambling to clean up pranks caused by flaws in the open source component of Google Maps. But even now that the company has disabled its Map Maker feature, people are still discovering inappropriate changes.
Searching for the N-word in Maps brought users to the White House, with historically black college Howard University and the U.S. Capitol building as other results. Searching “f--k ni--ers” also brought up the Capitol and “ni--er university” also produced Howard.
Beyond the racial slur, “c--t house” was also redirecting to the White House, and “shit hole” was set to bring users to different places based on their locations. You get the idea.
Meanwhile, searching “why can’t we be friends” brings up American University Washington College of Law.
A Google spokesperson told the Verge in a statement that, “Some inappropriate results are surfacing in Google Maps that should not be, and we apologize for any offense this may have caused. ... Our teams are working to fix this issue quickly.”
The company does seem to have cleaned most of these problems up, but it wouldn’t be surprising if Internet users discover a few more pranks hiding in Maps. Crowdsourcing maps data is a great way to improve accuracy, but it’s also an open door for hate speech and other bigotry. Hopefully Google is working on improving its screening system for submissions.
1.1 Million Customer Records Compromised in CareFirst Insurance Hack
For CareFirst BlueCross BlueShield, the road to hell was paved with good intentions. Recently, while making cybersecurity upgrades, the company discovered that it had actually already been breached—in June 2014.
1.1 million current and former customers were affected by the hack, and CareFirst has 3.4 million current customers. The company, which offers coverage in Washington D.C., Virginia, and Maryland, says that hackers compromised one of its databases and may have had access to user names, member IDs, legal names, birthdays, and email addresses. Medical records, credit card numbers, and social security numbers weren’t affected.
Cybersecurity consulting firm Mandiant did not find evidence of other breaches on the CareFirst network, according to the insurer. The company is forcing all affected users to set up new accounts (new user names and passwords) and is offering two free years of credit monitoring. The incident isn’t on the scale of the Anthem breach, disclosed in February, which affected 80 million customers, but it shows that even companies taking action to protect themselves may be behind the curve.
NSA Wanted to Lurk in Google and Samsung App Stores to Spread Malware, Misinformation
The National Security Agency, working with international surveillance bodies, developed plans to infiltrate popular online app stores so it could covertly install malware on scores of smartphones. The revelation comes from a document obtained by Edward Snowden and parsed by CBC News and the Intercept.
The slide presentation lays out a plan, developed in 2011 and 2012, to track the movement of data on the physical infrastructure of the Internet by determining how and where smartphones connected to the Google and Samsung app stores. The group wanted to use this information to position itself to launch man-in-the-middle attacks (in which the operative lies in wait on the path that data take between an origin server and a receiver). The idea was that as Samsung and Google users downloaded apps, they would also be downloading surveillance malware without knowing it. The program was dubbed "IRRITANT HORN."
Agents working on the covert initiative were part of the so-called Network Tradecraft Advancement Team, and they came from the “Five Eyes” surveillance collaboration of Canada, the United Kingdom, New Zealand, Australia, and the United States. As the Intercept points out, other documents have indicated that the “Five Eyes” developed surveillance malware for broad distribution, but it wasn't clear how the alliance had planned to spread it.
In addition to discussing the propagation surveillance software, though, the new document also describes efforts to place messages and other communications data on smartphones. The group wanted to send “selective misinformation to the targets’ handsets” to, among other things, confuse adversarial intelligence agencies. The document even describes efforts to access Samsung and Google's app stores as a way of collecting information on the companies' customers.
The efforts seem to have been targeted at preventing “another Arab Spring,” by having access to consumers' smartphones, knowing their habits, and being able to spread messages. The slide show describes one of the team's goals as collecting “usable knowledge about how to acquire intelligence FROM the network.”
Netizen Report: Young Political Cartoonist on Trial in Iran
The Netizen Report offers an international snapshot of challenges, victories, and emerging trends in Internet rights around the world. It originally appears each week on Global Voices Advocacy. Ellery Roberts Biddle, Mohamed ElGohary, Hae-in Lim and Sarah Myers West contributed to this report.
Iranian activist and artist Atena Farghadani is facing charges of spreading propaganda against the system and insulting members of parliament and the supreme leader for a cartoon she drew and published online depicting Iran’s members of parliament as animals voting on a law that would restrict women’s access to contraception. Atena has been held in solitary confinement for prolonged periods since her arrest in August 2014, and went on a hunger strike to protest prison conditions three weeks after her second confinement. Amnesty International is leading a call to action in support of Atena.
Bahraini activist back to prison over tweets
A Bahraini court upheld a six-month sentence for Nabeel Rajab, president of the Bahrain Human Rights Centre, for comments he made on Twitter criticizing police defectors who joined ISIS. He may face a longer jail term pending an investigation for other tweets.
PayPal blocks donations for Russian opposition report
Electronic payment service PayPal has blocked an account that sought to collect donations to print a report written by late opposition politician Boris Nemtsov presenting evidence of Russia’s involvement in the conflict in eastern Ukraine. According to PayPal’s support team, PayPal does not allow “any political parties or political causes in Russia to receive donations due to the complexity of complying with local rules which require validating the identity of users.” It is unclear how it defines “political causes” or whether these rules apply to accounts registered in other countries.
Hacking is illegal in Britain (unless you’re the government)
The British government may have changed its anti-hacking laws to ensure that government intelligence and law enforcement agencies are exempt from criminal prosecution. According to London-based advocacy group Privacy International, changes were made to the Computer Misuse Act shortly after Privacy International and seven Internet service providers began a legal challenge to the government’s use of computer hacking to gather intelligence, claiming it was unlawful under the Act. In response, the U.K. Home Office said there have been no changes made to the act that “increase or expand” authorities’ investigatory powers.
Belgium slams Facebook over unauthorized tracking
Belgium’s Privacy Protection Commission lambasted Facebook for disregarding European privacy laws by tracking users without prior consent and for dodging inquiries from regulators. According to Reuters, the commission urged Internet users to install privacy software to protect themselves from Facebook’s tracking systems, whether or not they have a Facebook account (which is good advice all around.)
- “Freedom of Expression, Encryption and Anonymity: Civil Society and Private Sector Perceptions”—Web Foundation, CIHR, ITS Rio, Derechos Digitales
- “A Chatty Squirrel: Privacy and Security Issues with UC Browser”—Citizen Lab
- “Inside Google’s Secret War Against Ad Fraud”—AdAge
Delta’s New Safety Video Is Painfully Bad. Here, Watch It.
It’s hard to even know where to begin. Basically, don’t do this. Delta Airlines just released a new safety video to show at the start of its flights, and it’s crammed with meme references. The goal is presumably to get people to listen to the safety instructions while also trying to make the airline seem cool and likable. But it’s all just too much.
The problem is that memes are inherently fickle, and invoking one for corporate promotion is like using someone else’s wand. The sacred means of participating in a meme is simply to share it for the lols. If you clearly have an agenda, you are breaking this unspoken pact.
Slate staff reactions to the video included: “weak sauce,” “how does it take SIX MINUTES to communicate this information” (though the video is actually five minutes long), and “it sullies everything pure about the Internet.” To the second point, even though other successful safety videos have been in the five- to six-minute range, the Delta video does seem to drag. It feels like the meme jokes are just slowing it down instead of keeping things moving.
Another issue is that the meme re-enactments seem off. The “Charlie Bit My Finger” impression is all over the place, the cat on a Roomba in a shark costume looks bored instead of intent on destroying everything in its path, and the screaming goat just has so much unused potential. Also, Delta apparently didn't get the memo about the growing collective desire to never speak of or reference the Harlem Shake again.
It’s always fun to be in on a joke, and it’s occasionally possible for a large corporation to prove that it really does have its finger on the pop culture pulse. But for the most part, being a huge company (especially one that we trust with our lives as our bodies hurdle through thin air) means trading cool points for profits. This is why we can’t have nice things.
Internet Providers Said Net Neutrality Rules Would Ruin Everything. Let’s Check in on That.
The telecom industry has long maintained that it supports free and open Internet and wants to protect net neutrality. But when President Obama came out in support of reclassifying broadband as a utility under Title II of the Telecommunications Act and the FCC planned a vote on proposed reclassification rules, Internet service providers (ISPs) had to draw the line.
“We do not support reclassification of broadband as a telecommunications service under Title II,” Comcast wrote in a November 2014 statement. “Doing so would harm future innovation and investment in broadband.” That month Time Warner said, “Regulating broadband service under Title II ... will create unnecessary uncertainty, lead to years of litigation and threaten the continued growth and development of the Internet.” And a July 2014 statement from AT&T said that Title II reclassification “would actually impose barriers to broadband infrastructure investment.”
Notice any common threads?
It’s been almost three months since the FCC voted in favor of Title II reclassification, so things should be falling apart by now, right? But it seems that the new rules haven't been as big of a deterrent as ISPs said they would be. BGR points to a CNBC interview AT&T CEO Randall Stephenson did on Monday. He said, “We’re going to invest around $18 billion this year. That will allow us to deploy a wireless broadband solution to 13 million homes around the U.S.” Yeah, sounds brutal.
Stephenson wasn’t completely ignoring the Title II debate, though. He said AT&T is confident that the courts will strike down the new regulation, and that’s why the company is comfortable moving forward with infrastructure investment. AT&T did cut infrastructure spending in November 2014 after Obama’s net neutrality statement. But the company is less adversarial now, either because its confidence in litigation is well-founded or because it secretly knows that Title II won’t be the end of its profits. After all, any company that also offers landline phone service (like AT&T) is already familiar with operating under Title II regulation.
Verizon CFO Francis Shammo addressed this, perhaps with more candor than he intended, at the UBS Annual Global Media and Communications Conference in December 2014. “This does not influence the way we invest. We’re going to continue to invest in our networks and our platforms, both in Wireless and Wireline FiOS where we need to,” Shammo said. “I mean if you think about it ... we were born out of a highly regulated company, so we know how this operates.” The man makes a good point!
When Verizon announced first-quarter earnings in April, it said that it was working to migrate customers from the copper network to fiber (presumably for both DSL Internet and phone service). Forty-seven thousand users switched during the quarter, and the 2015 goal is to transition a total of 200,000 customers. Verizon is also purchasing AOL for about $4.4 billion. Though the deal has more to do with digital content than physical infrastructure, it shows that Verizon doesn't seem to be anticipating a lean year.
Meanwhile, Comcast announced in April that it is moving forward with rolling out 2 gigabit–per-second connectivity for 1.5 million customers in Atlanta. The Title II debate certainly isn’t over, but things pretty much seem like business as usual since the FCC reclassification.
Should the Internet Trust You? This Browser Extension Will Be the Judge.
Three years ago, in a TEDGlobal talk, sharing-economy guru Rachel Botsman shared her vision of a “reputation dashboard”—a kind of credit report that tracks your online behavior across services like Airbnb, TaskRabbit, and Dogvacay and compiles it into a portable measurement of your trustworthiness. Amassing that data, Botsman proposed, would make reputation into a kind of currency. “In the 21st century,” she predicted, “new trust networks and the reputation capital they generate will reinvent the way we think about wealth, markets, power and personal identity in ways we can’t yet even imagine.”
It’s a compelling vision, but so far it hasn’t been realized. That’s because, as I noted last year, the companies that have amassed the most reputation data aren’t eager to share it. “We’re in an early and competitive stage,” Monroe Labouisse, Airbnb’s director of customer service, told me at the time. “That asset—the trust, the data, the reputations that people are building—is hugely valuable. So I’m not sure why a company would give that up.”
A new company is trying to do an end-run around that intransigence by scraping publicly available information from various sharing-economy services and compiling it into a trust score between 0 and 100. Called Karma, it works as a browser extension—any time you pull up a supported site (which currently includes Airbnb, Craigslist, Dogvacay, Ebay, Etsy, RelayRides, and Vayable) a pop-up window will ask if you want to link your account to your Karma score. That score is calculated by looking at the reviews you’ve received—both the quantitative ratings (the number of stars, for instance) as well as a textual analysis of written comments. Different services are weighted differently; intimate interactions like those powered by Airbnb and Dogvacay are deemed more relevant than relatively anonymous eBay sales, and more recent reviews also are weighted more heavily. The more services you link, the higher your potential score. (Of course, if you’ve misbehaved on one service, your score could fall—but then, you would probably choose not to link it in the first place.) When you peruse a supported service, you’ll see every user’s Karma score superimposed over their listings. It’s a little bit like the sharing economy’s answer to Klout, that notorious Q rating for social media.
Zach Schiff-Abrams, Karma’s co-founder and CEO, says the company has not contacted companies like Airbnb or Dogvacay. But he thinks they will welcome his service, because it will make it easier for new hosts to attract guests, instead of grinding through the first few months as they attempt to build up a bank of positive reviews. “TaskRabbit’s biggest frustration point is the on-boarding process for new Rabbits,” Schiff-Abrams says. “We think that Karma can act as an arbiter to help these people begin to build a reputation much sooner.”
There’s something compelling and simple about this. It ignores all the complicated behind-the-scenes algorithms and processes that companies like Airbnb use to establish reputation and just collects the publicly available result of those processes. According to Schiff-Abrams, this simple hack—going directly to the users rather than through the enterprise—is what convinced VCs like Great Oaks to support them.
These platforms now represent billions of dollars in commerce, and as such they must be extremely wary of bad actors trying to game the system. And Karma’s system, at first blush, looks pretty gameable. Going through the browser makes it easier for Karma to reach users directly, but it also makes it harder to confirm a Karma user’s true identity; if I’m using a friend’s browser, it would be pretty easy to link his or her Karma score to one of my accounts.
There’s also a weakest-link problem here. It’s easy to imagine using Karma as a Trojan horse—building up a high reputation score on a more easily gameable system and then importing that score into the fortress of Airbnb.
It’s precisely to avoid that kind of scenario that Airbnb has invested so much money in its trust and safety division, an intricate and detailed set of algorithms to sniff out sketchy behavior. (If a new listing is getting a lot of positive reviews from the same account, for instance, the algorithm will flag it.) Of course those algorithms impact what gets posted on Airbnb, so in some ways Karma is freeloading off Airbnb’s expensive and painstaking security infrastructure.
Right now, Airbnb insures its hosts up to $1 million, in part because it trusts its algorithm to guard against the most egregious forms of fraud or malfeasance. But if someone is using a Karma score to determine who to rent to, that means that Airbnb is suddenly assuming the risk for a different company’s security mechanisms. It’s hard to imagine Airbnb will go for that, and I’d expect them to insert some language saying that anyone who uses Karma is no longer eligible for the insurance coverage—which would probably be enough to do serious damage to Karma. (Airbnb declined to comment on a product they haven’t had a chance to use yet.)
If this were earlier along in the sharing economy, Karma might have a bit more time to work all this out. Certainly that’s what happened to Airbnb—as it grew, the company realized it had to get more serious about security, and it had plenty of missteps along the way. But now this is a mature market, and I’m afraid it’s a little late for this kind of experimentation. This is a clever approach to a big problem, and it’s frustrating that competitive pressures are preventing it from getting solved. But ultimately I’m afraid that the problems of identity and trust are too complicated and fraught to be solved with a simple browser extension.
Also in Wired:
Microsoft Solitaire Is 25. Join the Tournament!
The best part of encountering an old PC—whether it's your ancient IBM Thinkpad or your great-aunt's Gateway desktop—is playing Solitaire on a long-obsolete version of Windows. Change the card art to the spooky castle and go nuts. And for the beloved classic's 25th birthday, Microsoft is launching two tournaments to identify the ultimate Solitaire addicts.
Microsoft says that the first competition will be internal at the company this month. Then in June it will publicly release the same challenges it gives its employees for an Internet-wide showdown. As Slate's Josh Levin wrote in 2008, "Though on its face it might seem trivial, pointless, a terrible way to waste a beautiful afternoon, etc., solitaire has unquestionably transformed the way we live and work."
Microsoft offers a whole Solitaire Collection for download now, but there's nothing like the original that first awakened pure digital procrastination in each of us. And by the way, if you haven't played FreeCell in a while, it's still a nightmare.
Innocence of Muslims Can Go Back on YouTube. Good.
On Monday the 9th Circuit Court of Appeals reversed an earlier ruling that had forced YouTube to take down Innocence of Muslims, an inflammatory anti-Islam film that may have helped spark the Benghazi attack. Because this is America, the decision did not deal directly with blasphemy—a constitutionally protected form of expression—but with copyright and intellectual property. Yet lurking just beneath the court’s opinion lay a vigorous defense of free speech, individual liberty, and the right to disseminate even hateful, noxious ideas.
The strange case arose after Cindy Lee Garcia accepted $500 to appear briefly in what she believed was an action-adventure thriller set in ancient Arabia. Garcia’s only line was “Is George crazy? Our daughter is but a child?” In postproduction, however, producers overdubbed her line with the words, “Is your Mohammed a child molester?”
In the final cut of the film, Garcia appeared on screen for five seconds. But after the film premiered and spurred riots in the Middle East—and a fatwa against its actors in Egypt—Garcia sued YouTube and its parent company, Google, demanding they take down the film. Initially, Garcia asserted that the film was hate speech and violated her right to privacy. Eventually she settled on the copyright claim, insisting that she held a copyright over her five-second appearance, which gave her the right to force Web hosts to remove the film.
As the 9th Circuit acknowledged on Monday, Garcia’s copyright claim was, in short, ridiculous. The “author” of a film is usually its director, perhaps jointly with its producer and screenwriter. Individual actors can’t “author” a film for copyright purposes; otherwise, every actor would hold a copyright over her individual scenes, creating what Google called a “Swiss cheese of copyrights.”
It gets worse for Garcia. The Copyright Office registers movies as a single “work” and refuses to splinter every film in smaller copyrightable bits. Pragmatism dictates such a rule—otherwise, the court says, each of the estimated 20,000 extras in Lord of the Rings might assert copyright ownership of their individual scenes. And oddly, Garcia’s copyright claim is even weaker than a Lord of the Rings extra’s: While Frightened Hobbit No. 2 might have actually spoken his lines, Garcia’s one line was overdubbed, meaning she didn’t even utter a single word in the film. By manipulating her role, the movie’s director became the indisputable author of even Garcia’s five-second cameo.
All of this stuff is good law, well applied. But luckily the court recognized that there’s more going on here than just a dry intellectual property dispute. At the outset the majority wrote that the appeal “teaches a simple lesson—a weak copyright claim cannot justify censorship in the guise of authorship.” Later on it reprimanded a panel of judges who had previously ordered YouTube and Google to remove the video:
The takedown order was unwarranted and incorrect as a matter of law, as we have explained above. It also gave short shrift to the First Amendment values at stake. The mandatory injunction censored and suppressed a politically significant film—based upon a dubious and unprecedented theory of copyright. In so doing, the panel deprived the public of the ability to view firsthand, and judge for themselves, a film at the center of an international uproar.
In a separate opinion the 9th Circuit’s liberal lion Judge Stephen Reinhardt benchslapped the panel once again, sternly noting, “This is a case in which our court not only tolerated the infringement of fundamental First Amendment rights but was the architect of that infringement”:
[W]e issued an order that prohibited the public from seeing a highly controversial film that pertained to an ongoing global news story of immense public interest. … By suppressing protected speech in response to such a threat, we imposed a prior restraint on speech in violation of the First Amendment and undermined the free exchange of ideas that is central to our democracy and that separates us from those who condone violence in response to offensive speech
Intellectual property experts generally agreed that the copyright ruling was correct. But you don’t have to be an IP professor to know that the Constitution does not permit courts to censor expression through the vehicle of a thinly veiled copyright claim. Innocence of Muslims may be blasphemous, hateful, and inane, but it’s also a textbook example of highly political speech on a matter of fierce public debate. Its controversy demonstrates precisely why it needs constitutional protection. Free speech is a very nice idea for a democracy. But it means nothing when judges can toss it out the window under the pretext of a laughable copyright suit.
Gorgeous, Algorithmically Generated Time-Lapses of the World’s Most Popular Landmarks
Time-lapse photography is fascinating because it can reveal changes that transpire too gradually to observe in real time. The problem is that, well, it takes a long time.
Researchers from Google and the University of Washington have found an elegant way around that, at least for some of the world’s most-photographed landmarks and scenes. In a paper published online, the researchers show how publicly available images shot by countless amateur photographers over a period of years can be algorithmically transformed into beautiful time-lapse videos. They call the process “time-lapse mining.”
The researchers started by gathering 86 million time-stamped images publicly uploaded by various users of photo-sharing sites such as Google’s own Picasa and Panoramio. They used image-recognition software to automatically pick out thousands of “clusters” of photographs that all showed the same landmark, such as the Salute in Venice or the Mammoth Hot Springs at Yellowstone National Park. Then they developed algorithms to warp a subset of photos in each cluster to a common viewpoint and scale, and ordered those by time stamp.
Throw in a few image-stabilization techniques and correct for lighting differences, and voila: an automatically generated time-lapse video of each landmark that looks almost as if it were shot with a single camera. At the top of this post is the full video that the researchers published in conjunction with their paper.
“Whereas before it took months or years to create one such time-lapse, we can now almost instantly create thousands of time-lapses covering the most popular places on earth,” the researchers wrote in their paper. (Here is the PDF.) “The challenge now is to find the interesting ones, from all of the public photos in the world.”
Figuring out what’s interesting, you see, is a task that’s still beyond the ken of machine-learning algorithms. The Google and UW researchers had to go through the time-lapse videos themselves to determine which were worth highlighting in their paper. They homed in on several categories of subject, including waterfalls, seasonal changes in vegetation, geological changes, construction projects, and city scenes. Sprinkled through this post are a few of our favorites, in GIF form, including the one of Las Vegas' changing skyline below.
And here is the full video that the researchers published in conjunction with their paper, including a slew of other impressive time-lapses. It's very much worth watching.