TechTopia: Disreputation Management

Richard Bradbury: This week on Mattsplained’s first TechTopia edition, we have a car crash that isn’t Facebook, a car crash that is Facebook, age detection facial recognition software, moves to criminalise payments to ransomware groups and Apple’s latest device bricking software update.

Richard Bradbury: Whether we want to or not, we have to start with Meta…

Matt Armitage:

• Do we? We could talk about the weather? We had some hedges in our garden pruned back this week.

• That’s quite interesting.

• One of the disadvantages of being a weekly show that’s recorded a few days ahead of broadcast is that we can sometimes seem a little behind the curve.

• Fortunately, we were able to report on the predictions that the company was about to change its name.

• Although, we suggested, along with those reports that it might be something Horizon linked, in line with some of the company’s new product names.

• So, it turns out that Facebook in its bid for ownership of the metaverse, has chosen the name Meta.

• That should have been obvious given Zuckerberg’s penchant for imagination.

• After all, his company Facebook is essentially a yearbook of faces.

• So, I guess we should just be thankful he called it Meta rather than Verse.

Richard Bradbury: Do you still maintain that the rebrand isn’t linked to Facebook’s current PR troubles?

Matt Armitage:

• I do. As I said a couple of episodes ago when we discussed this, a corporate restructuring and rebranding exercise of this scale can take years.

• I think we’re looking at around 12-18 months of planning and design here.

• And I’ve asked a few friends in the branding sector for their opinions as well.

• And their estimates range from 12 to 24 month.

• I definitely think it could be linked to wider troubles like privacy and pending antitrust legislation.

• Restructuring could make it easier to argue that Facebook doesn’t have too much power.

• And to get legislators to view components of the company as individual rather than meshed entities.

• But in larger terms I think it is about that play for the metaverse.

• And the fact that Facebook doesn’t have youth appeal.

• In fact, it has the opposite.

• In branding terms, Facebook is effectively youth repellent.

Richard Bradbury: Do you think this move is enough to get them past those current troubles?

Matt Armitage:

• That’s why I questioned the timing of this when we chatted about it a couple of weeks ago.

• It’s oddly timed to me. Because this makes it look as though it’s a mealy-mouthed way of escaping from those negative stories.

• Because this story isn’t going to change that narrative.

• If anything, it draws more attention to that negative publicity.

• And it also plays to those stories as Mark Zuckerberg as a tone-deaf soulless robot.

• Because it wasn’t essential to do it now. This is genuinely something that no one except Facebook cared about.

• If it had been me, rather than a none too successful former british deputy PM running their PR,

• I would have shelved this announcement until they could have spun it a bit more positively.

Richard Bradbury: Do you want to get into details about the metaverse itself?

Matt Armitage:

• No.

• PAUSE

• Sorry. I guess that doesn’t make good radio.

• If you want to know more about what a metaverse is, or what it could be.

• Who will own it and why you should care one way or another.

• You can go back to the show we did a few weeks ago – late August I think – the show would be MSP176.

• Where we talk about the different development and ownership and development models.

• Is that us done with what seems like our weekly Facebook crisis update?

Richard Bradbury: I think so. Unless there’s anything urgent you can think of…

Matt Armitage:

• We could mention in passing the verge report that an Elon Musk fan page was briefly verified by Facebook as being an official Musk page.

• It clearly wasn’t and never tried to be…

• It’s not clear how long it was verified for, and the status was quickly revoked.

• But it is very weird.

• Facebook is usually quite stringent when it comes to giving verified status to accounts.

• You need all kinds of information, sometimes incredibly personal stuff like passport details, or company registration information.

• IN order to get verified. And the process can take a long time.

• To this day, I can’t get myself verified.

Richard Bradbury: To be fair, there is some doubt as to whether or not you are a real person…

Matt Armitage:

• For tax reasons, I’ve been arguing for a number of years that I’m a non-corporeal being domiciled in the Virgin Islands.

• On its own, this story isn’t a big deal. It’s an interesting footnote.

• But it does highlight the ongoing issue – across all social media platforms.

• About how difficult it is to prove that people really are who they say they are.

• In fact, we’ve got another story coming up about technologies that are helping online verification.

• Twitter suspended its verification process for a while because of this kind of issue.

• And only relaunched it earlier this year.

• Interestingly, I think it was paused after verifying the account of the organizer of the Charlottesville far right-wing rally in the US.

• And this year, a report also found that Twitter’s algorithm tends to disproportionately amplify right wing views and stories.

• All of which means – Let’s go from one car crash to another.

Richard Bradbury: This would be Apple’s car crash detection service?

Matt Armitage:

• Yes. Now, automatic crash detection services that dial the emergency services for you in the event of an accident aren’t actually new.

• Google has had a version for a while.

• And a lot of car manufacturers have this baked into the systems that operate their cars.

• So you might wonder why Apple is bothering…

Richard Bradbury: I wasn’t…

Matt Armitage:

• At least you’re paying attention.

• We focus on the little wins on this show.

• Apple is very gung-ho about its Airplay car kit integration.

• I think I read one report that said up to 80% of new cars in the US have Airplay baked in.

• Which makes sense – I think the US is the one market where iOS is more dominant than Android.

• So, not having this functionality means Apple is offering less than the competition.

• It’s about money as well as convenience and convergence.

• General Motors pulls in $2bn dollars a year in revenue with its own OnStar automotive connectivity service.

• So, there’s big money there in selling ancillary services and subscriptions via car systems.

• And, as we mentioned in last week’s episode about the iPod, Apple is never shy of pulling or delaying functionality if it doesn’t work right.

• And its accident detection systems in Apple watch etc up till now, have been ok but not great.

Richard Bradbury: Apple doesn’t always pull the things that don’t work…

Matt Armitage:

• No. The latest version of its Mac OSX OS, Monterey, seems to be running into some bugs.

• Whenever I update something with Apple I always expect either my Wifi or my Bluetooth to stop working the way it did before.

• It seems to be one of those constants that keeps the universe running.

• Monterey was released last week. Usually, I will update one of my machines to the new OS and keep the other one running the older version.

• And usually, it’s my newer machine I upgrade first.

• Users are reporting some quite troubling bugs with Monterey.

• One of the more serious and persistent ones is memory leak.

• Memory leak happens when the system monitor doesn’t take note that an application has been used, so it continues to allocate a portion of the systems RAM to it.

• This has happened to a number of users who have reported that their system flashes up a message that the computer has run out of system memory.

• It can even continue to accelerate and accumulate more and more RAM usage in some instances.

• It’s usually cleared if you either hard quit the application or restart the computer.

• Though some users have also claimed that they get the system memory warnings almost as soon as they log back in.

Richard Bradbury: It’s annoying but not a game changer…

Matt Armitage:

• No, but there have also been reports that the update is effectively bricking some macs with Intel processors.

• Something similar happened with last year’s Big Sur update.

• After the update, the computer boots to a black screen.

• The normal method to rectify this kind of issue is to reset the system management controller.

• If you’ve had an apple computer for any length of time you’ve probably become an unwilling expert at SMC resets.

• Which in some cases can’t be done, especially with non-battery powered models like the Mac Mini,

• Because the failed update effects all the ports, so the machine can’t draw any power.

• Some users have also reported that their efforts to take their machines into Apple for emergency resurrection have been met with claims that their machines are at fault.

• And given estimates of USD$500 to replace logic boards.

• Apple does have past form in dodging software and hardware issues.

• And has occasionally only owned up to them and started offering replacement schemes after enormous public or legal pressure.

Richard Bradbury: To clarify, this only effects older machines, is that right?

Matt Armitage:

• It depends how you frame older machines.

• It seems to only affect Intel based Macs.

ch all of them up until early: 2020

• And I think – I may be wrong – the company is still selling Intel models of some machines.

• So people have reported laptops bought as recently as the middle of last year becoming unusable.

• The worst thing is it seems to affect machines randomly, so you can’t pinpoint a model and a year of manufacture as being more or less susceptible.

• I would advise waiting until version 12.1 of the software before you risk an update.

• Or, if you do, make sure you do it on a machine you can afford to have offline for a bit or spend some time troubleshooting.

Richard Bradbury: Incredible. This is at risk of becoming a proper tech show. With actual news and useful tips and everything. I’m sure we’ll revert to type after the break.

BREAK

Richard Bradbury: News, information and expert insight. 3 things you’re unlikely to find on your average episode of Mattsplained.

Matt Armitage:

• I have to say I that that and what you said before the break very hurtful.

• I’d admit to some emotion if it wouldn’t jeopardise that court of appeal application on my taxes.

• And just for your information the next story is news too.

• We recorded too late to note that the popular gaming site Roblox was offline for 3 days over the weekend.

• If you’re not a kid, or don’t have kids, you may not know what Roblox is.

• If you do, then you know that Roblox is the most important gaming site on the Web.

• And has about 40m users every day.

• And it’s also another one of the companies in the running to develop the de facto metaverse of tomorrow.

• And it has the advantage, like Fortnite makers Epic Games, of actually being liked by the demographic that is likely to become the metaverse’s initial use base.

Richard Bradbury: Was this similar to the Facebook outage that happened a few weeks: something that was an internal server issue rather than a ransomware or hacking attempt?

Matt Armitage:

• Yes, we’re still Waiting for details of the cause of the shut down.

• Roblox CEO David Baszucki has pledged to publish a postmortem.

• We’ll see. There was speculation that the outage was to do with a tie up the company had done with fast food company Chipotle.

• As it occurred shortly after the promo rolled out last Thursday.

• But Roblox quickly made it clear that it was coincidence and not causality.

• They also clarified that it wasn’t a hacking attempt and no user data was at risk.

Richard Bradbury: 3 days is an incredibly long time for an internal outage, though?

Matt Armitage:

• That’s the big question, isn’t it?

• The Verge pointed out that as about half of the company’s users are under 13, it probably made for a long weekend for parents.

• Again, pointing to the superiority of raising cats rather than children.

• Normally, with internal outages, companies switch to mirror servers.

• Or limit the outage to certain pools of users.

• To be out for 3 days without those external factors like hacking is quite unusual.

• When Facebook’s entire platform went down recently, it was to do with the unified platform all the company’s platforms ran on.

• So their technicians were unable to log on to rectify the issue at first.

Richard Bradbury: It’s a bit like the situation for Apple’s Monterey users – Facebook’s outage temporarily bricked the system..

Matt Armitage:

• But it highlights the problems of concentrating the power of something like the metaverse in the hands of one company.

• Be it Epic Games, Roblox, Facebook or some other.

• If the metaverse is going to be the de facto evolution of the Internet.

• There’s enormous risk if something like a software update can switch it off for most, if not all of the world’s inhabitants.

• Especially if payment systems, travel cards, ID systems and everything else is based on those platforms.

• And that’s why we come back to those discussions about one company having too much power.

• The Internet is so useful because it’s distributed. Yes, it’s inefficient. It’s prone to stuff going wrong.

• But there are workarounds when bits of it break.

• Episodes like Roblox and Facebook’s outages show how important it is to have alternatives.

Richard Bradbury: We do have an actual hack attack: this is the news of The Grief ransomware attack on the National Rifle Association in the US.

Matt Armitage:

• Yes. I’m going to avoid wading into the politics side of this.

• Whatever you think of the NRA, ransomaware attacks against large companies and entities are becoming increasingly common.

• And I should point out that at the time we recorded this the NRA has not admitted that it had been attacked or acknowledged that data posted on the darkweb was genuine.

• Though reporters noted that NRA email addresses appeared to be offline.

• Which has led the US to impose economic sanctions against certain hacking groups, notably the Russian based gang Evil Corp,

• which it claims that Grief acts as a front for.

• And that places companies in an awkward position.

• We’ve seen a number of them paying multi-million dollar ransoms as a way to retrieve their information and get their systems back online quickly.

• But sanctions mean that the company is effectively breaking the law in paying the ransom.

• And can be further fined by the US Treasury for doing so.

Richard Bradbury: Doesn’t that seem a little counter-intuitive?

Matt Armitage:

• What? Penalising the victims of crime?

• Yes, but the thinking behind it may be multi-fold.

• A number of hacking groups base themselves in countries that tolerate them as long as their targets are domestic.

• And won’t entertain requests to extradite them to face charges, or prosecute them locally.

• So the sanctions go after the money – and by extension, anyone, especially officials or politicians, who benefits from those illegal payments.

• In terms of the company paying the ransom, the thinking may be that it forces them to contact law enforcement.

• Being hacked is more than an embarrassment. It can negatively effect your share price and market confidence.

• So the fines can serve to reduce that incentive to cover up a ransomware attack and to make sure those companies involve the cyber police.

• And in the longer run, provide a disincentive to the hackers: if you know a company is prohibited from paying you, you choose a different target.

Richard Bradbury: Can that really work as a disincentive?

Matt Armitage:

• Well, the fact that Evil Corp is using the Grief name is a cover suggests there may be something to the theory.

• The world of Ransomware is very brand conscious.

• You might call it disreputation management.

• A company knows it’s in trouble because of the pedigree of that hacker group.

• And that it should pay rather than fight.

• If those groups are forced to use other covers to evade sanctions it also helps to erode their reputation.

• Again, making it more likely a target will work with the authorities rather than simply paying out.

• If it sounds like a risky scenario – look at who bears the risk.

• You can look at it as the US Treasury taking the long view and sacrificing the companies that are hacked today.

• For the good of reducing the incentives in the market over the long run.

• All I can say is that I’m glad that I’m not part of that experiment.

Richard Bradbury: I think we’ve still got time for a little one…

Matt Armitage:

• This is the story I mentioned earlier, that links to verification and online identity.

• With services like Facebook and Roblox, age is a major factor.

• Facebook postponed the launch of Instagram for Kids.

• And most social media networks place a entry level age limit of 13 on signing up for accounts.

• But of course, there’s nothing to stop someone underage clicking a different date of birth in a sign-up form or age gateway.

• So wouldn’t it be good if AI could do that for us?

• Identify when someone is too young and lock them out of the system?

Richard Bradbury: So, this is the biometric data, ‘chip the child at birth’ argument?

Matt Armitage:

• Thankfully, no.

• Although my view is that they should be chipped and a satellite with a laser gun tracks them until they’re 18.

• And if anyone says you can’t play god in that way, I’m happy to apply for the position.

• But no, this is a system that uses facial recognition, not to identify someone from a database, but to use its neural net to take a good guesstimate of someone’s age.

• The system being pioneered – if that’s the right word - by a British startup called Yoti.

• Estimates the age of a person within a range of 6 to 60 years old.

• They can be used online and in shops and stores where products are age-limited.

Richard Bradbury: So, for buying things like alcohol or tobacco?

Matt Armitage:

• Yes, and also for the things we think about less.

• Poisons and chemicals in hardware stores.

• It can also be used on the door at events, bars and clubs.

• The idea is that the machine can flag whether a member of staff should be requiring proof of age from that customer at the point of sale or entrance.

• The company says that their software is accurate to about 2.79 years in guessing someone’s age.

• In the under 25 age group, that drops to around 1.5 years.

• And those younger age groups tend to be the ones with the most prohibitions.

Richard Bradbury: What about the privacy aspect?

Matt Armitage:

• Yoti states that it doesn’t store the images it captures.

• It analyses them, gives an estimate and they’re gone.

• There is also the argument that – do you need a computer to tell you to card someone?

• Door=staff at venues are pretty seasoned at catching someone’s age.

• As are staff in supermarkets. And how difficult is it to ask someone for proof of age without an AI?

• It gets a little trickier when you get online.

• We do need a way to keep kids away from adult and gambling sites.

• And this does seem like one solution.

Richard Bradbury: I sense that the ‘but’ is coming…

Matt Armitage:

• As with many facial recognition systems, it’s been noted that they work most efficiently with:

• Light-skinned males.

• The accuracy decreases for women in general and the darker your skin is.

• Partly because datasets used to train neural networks often contain a disproportionate number of light-skinned males.

• Or pasty no marks as you and I would be called back home.

• Beyond that, privacy advocates are worrying that surveillance of children especially is becoming increasingly pervasive and intrusive.

• And however well-meant, this technology simply adds another layer at a time when many advocates are pushing for legal bans on biometric tracking of children.

• And – just to square the circle as it were – as we move towards that future of the metaverse.

• Where our online experiences may become far richer and more intense. Perhaps even more explicit.

• We will need to strike that balance between protecting those at risk and limiting the surveillance and tracking

• that we are likely to be subjected to in these online environments.