Tag Archives: geek stuff

Telecoms, data center infrastructure infiltrated, Bloomberg stories say, mystery deepens despite denials

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Taken at face value, a pair of articles on Bloomberg by Jordan Robertson and Michael Riley details how Chinese government intelligence agencies snuck tiny chips into computer servers used by Amazon and Apple, and by at least one major U.S. telecoms company. The devices – as small as the tip of a pencil – could be used to listen to communications going in and out, or to dive deeper into those systems.

If true, Bloomberg’s reporting means that the Chinese government, and possibly other intelligence agencies and criminal groups, have a backdoor that leads deep into U.S. telecoms and data processing infrastructure. It is flatly denied by some U.S. government security officials, by Apple and Amazon, and, according to a story by Jason Koebler, Joseph Cox, and Lorenzo Franceschi-Bicchierai on Motherboard, by most major U.S. telecoms companies…

Motherboard has reached out to 10 major US telecom providers, and the four biggest telecoms in the US have denied to Motherboard that they were attacked: In an email, T-Mobile denied being the one mentioned in the Bloomberg story. Sprint said in an email that the company does not use SuperMicro equipment, and an AT&T spokesperson said in an email that “these devices are not a part of our network, and we are not affected.” A Verizon spokesperson said: “Verizon’s network is not affected.”

A CenturyLink spokesperson also denied that the company is the subject of Bloomberg’s new story. A Cox Communications spokesperson said in an email: ”The telecom company referenced in the story is NOT us." Comcast also said it’s not the company in the Bloomberg story.

Charter Communications and Frontier Communications, two of California’s biggest telecoms companies, aren’t on the not me list, but that might be the result of poor response by their press relations people or, less likely, because they weren’t contacted by Motherboard.

Although Bloomberg’s stories have been refuted by U.K. intelligence agencies, their U.S. counterparts have been silent, as is common practice. Which leaves the door open to uncomfortable speculation: they could have discovered the backdoors and be taking advantage of them too. And if they can, so can other national governments and criminal organisations. Unfortunately, U.S. government spy agencies put a higher priority on their own access to cracked systems, than on defending public cyberspace.

Until this mystery is solved, we’ll have to cope with the possibility that our data centers and telecoms networks are hopelessly compromised.

No longer a project, Loon leaves the nest to fly, or flop, as a business

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Loon is ready to fly on its own. In a blog post, the head of Alphabet’s X division, Astro Teller, says that the high altitude balloon-based broadband company, and a drone based sister project, Wing, are leaving the incubator…

Today, unlike when they started as X projects, Loon and Wing seem a long way from crazy — and thanks to their years of hard work and relentless testing in the real world, they’re now graduating from X to become two new independent businesses within Alphabet: Loon and Wing.

As Other Bets, they’ll continue the missions they started here at X. Loon will work with mobile network operators globally to bring internet access to unconnected and under-connected people around the world. Wing is building a drone delivery system to improve the speed, cost, and environmental impact of transporting goods, and an unmanned-traffic management platform to safely route drones through our skies.

Loon’s business model remains focused on providing back haul capacity to mobile carriers in rural area, and regions that remote beyond rural. It finished a proof of concept run in hurricane-ravaged Puerto Rico, and by all accounts managed to make things better. It wasn’t a cosmic solution to Puerto Rico’s connectivity problems, but it did fill the sort of gaps that its business plan is targeting, and demonstrated that it’s a useful tool in disaster recovery operations, according to an article in Ars Technica by Nathan Mattise…

“We usually think about [Project Loon] in places with no existent network, but when a network goes out, people who were served become underserved,” says Sal Candido, a director and principal engineer at X…“In the future, being prepared for these kind of things is something we hadn’t really thought of, but it could be done in advance as a contingency.”

The big question that’s still to be answered is whether the willingness of mobile operators to pay matches the cost of Loon’s bandwidth. That’s what will determine if it’s a sustainable business, rather than ad hoc networking tool.

Billion dollar fine, new management and “security guarantees” gains ZTE U.S. access

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

ZTE is back in business. The Chinese mobile phone and network equipment manufacturer paid $1.4 billion in fines and replaced its board of directors in order to make peace with the U.S. government. The federal commerce department effectively shut ZTE in May when it cut off access to U.S.-made products, including high end chips and key bits of the Android mobile operating system.

The problems began when the U.S. government accused ZTE of doing business with Iran and North Korea, in violation of U.S. trade sanctions. ZTE’s response wasn’t robust enough to suit the U.S. government, so the company was cut off from U.S. technology and had to close its doors, albeit temporarily. That kicked off a round of what passes for superpower diplomacy these days, according to a story in Bloomberg

President Donald Trump reversed course in May, saying he was reconsidering penalties on ZTE as a personal favor to Chinese President Xi Jinping. Later that month, his administration announced it would allow the company to stay in business after paying a new fine, changing its management and providing “high-level security guarantees”…

ZTE last month took a major step forward in meeting the White House’s conditions by firing its entire board and appointing a new chairman. Its new management faces the challenge of rebuilding trust with phone companies and corporate customers. But the company is said to be facing at least $3 billion in total losses from a months-long moratorium that choked off the chips and other components needed to make its networking gear and smartphones.

ZTE isn’t alone. Huawei, China’s biggest mobile phone maker (ZTE is number two), is also in the Trump administration’s crosshairs. The Federal Communications Commission is considering locking both companies out of federally subsidised projects, because of security concerns. That same kind of thinking led the Trump administration to block the sale of Californian chipmaker Qualcomm to a Singapore based company, Broadcom.

It’s appropriate for the U.S. government to worry about national security, and to take specific steps to meet specific threats. But conflating security with economic advantage is a losing game. The best guarantee of national security is shared economic interests, not trade barriers. To paraphrase Benjamin Franklin, perhaps egregiously, those who would give up a free market to purchase a little temporary security will get neither.

Automous vehicles might punch in to work in California

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Self driving cars would go into commercial service in California, if the California Public Utilities Commission approves proposed new rules. The draft decision, by commissioner Liane Randolph, tracks with the California Department of Motor Vehicle’s licensing framework. The DMV allows autonomous vehicles on public roads as part of “testing” programs run by manufacturers, under tight restrictions and reporting requirements.

The CPUC regulates charter carriers – generally, vans and buses for hire – and ride sharing platforms like Uber and Lyft. Companies with autonomous vehicle interests, including Lyft and General Motors, asked the CPUC for permission to carry passengers as part of their research and development process.

The proposal in front of the CPUC would open up a pilot program that allows manufacturers with licenses from the DMV to operate as charter carriers and offer rides to paying passengers. If they comply with an equally long list of CPUC restrictions and reporting requirements.

Like the DMV rules, the CPUC’s plan allows for vehicles with back up drivers, and with no in-person driver at all, so long as a licensed operator is monitoring remotely. One twist is that the DMV allows testers to carry passengers for free, but not for pay. The CPUC’s definition of compensation is flexible enough to allow for non-cash benefits – presumably, the information gathered is worth the ride.

The ride sharing model won’t be allowed for now. That’s not such a problem, though. You can’t buy an autonomous vehicle yet, so you can’t slap a moustache on it and send it out to earn a living on its own. Any self driving cars that are carrying passengers will, of necessity, be company owned for some years to come. So the CPUC will have time to run the pilot program for a while and figure out how to deal with self employed, self driving cars on a permanent basis.

The CPUC is scheduled to vote o the draft on Thursday, but that can change.

Where one big economy leads the Internet, others must follow

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

A flood of odd looking messages are swelling email boxes in the U.S., telling recipients that they have to take action – click a button, enter an email address, log on to an account – because of something called GDPR. That’s not something that was dreamed up by a Nigerian prince to funnel millions of dollars your way (but be careful – it is a golden opportunity for fraudsters to exploit complacency). It’s a new European Union online privacy rule that’s about to effect – the general data protection regulation, as it’s formally known.

The new regulation imposes strict data privacy requirements, including plain language notices and opt-in permission, on companies anywhere in the world…

The GDPR not only applies to organisations located within the E.U. but it will also apply to organisations located outside of the E.U. if they offer goods or services to, or monitor the behaviour of, E.U. data subjects. It applies to all companies processing and holding the personal data of data subjects residing in the European Union, regardless of the company’s location.

The GDPR applies to ‘personal data’ meaning any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier. This definition provides for a wide range of personal identifiers to constitute personal data, including name, identification number, location data or online identifier, reflecting changes in technology and the way organisations collect information about people.

A U.S. company with only U.S. customers can ignore it, but since on the Internet, no one knows if you’re a dog or a European, the safe route is to accept the E.U. rule as the lowest common denominator and apply the required safeguards across the board.

That’s how the online world works. Legal borders exist, but you never know when you’re going to cross one. The U.S. congress can debate privacy rules all it wants, but the E.U. has effectively preempted it. Unless U.S. lawmakers want to raise the stakes and implement even tougher safeguards.

It’s a principle that’s worth keeping in mind as the California legislature considers enacting its own network neutrality laws. If the E.U. – counted as one, the world’s second largest economy – can write default rules for the Internet, then maybe California, the fifth largest economy, can too.

ZTE shutdown could lead to a mobile OS startup

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

A major Chinese smart phone and telecoms infrastructure manufacturer was stopped cold by U.S. trade sanctions, after it 1. did business with Iran contrary to U.S. rules and 2. didn’t adequately punish the executives responsible for the violation. ZTE announced last week that “the major operating activities of the company have ceased”. It’s number two smart phone maker in China, behind Huawei, but has a low profile among U.S. consumers.

The U.S. commerce department issued an order that bans U.S. companies from doing business with ZTE. Since technology developed in the U.S. – much of it here in California – is critical to high technology products, ZTE had no choice but to shut down. It might be temporary, though, according to an article by Roger Cheng on CNET

The company had to shut down its operations to comply with the order, but it continues to talk with US government officials about a potential stay or reconsideration of the denial order, according to a person familiar with the situation.

“Ceasing operations does not mean we’re going away,” the person said, noting that ZTE has a cash reserve and could eventually tap into financing to stay alive.

The company is also pegging its hopes on broader discussions between US and Chinese officials in their bilateral trade talks – ZTE is expected to be a topic of conversation brought up on the Chinese side, the person said.

One critical piece of technology that ZTE can’t have is Google’s Android operating system, or at least the bells and whistles that go along with it. Android’s core is open source, but linked elements, like the Google Play store and many of the apps in it, are proprietary and now off limits.

ZTE won’t just roll over die. The commerce department’s order might even serve to weaken the Apple/Google mobile operating system duopoly. Of the two ZTE smart phones I’ve owned, one was based on the Firefox mobile OS. It didn’t go anywhere in the market and was eventually shelved, but it shows that ZTE knows its options.

California allows driverless car testing, if anyone still cares

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Driverless vehicles can be tested on California streets and highways beginning next month, but they won’t be completely on their own. The California Department of Motor Vehicles posted new regulations (and supporting arguments) for autonomous vehicles this week. Among the changes is a way for manufacturers or developers to get permission to run vehicles without anyone physically behind the wheel.

Physically. A remote operator is required, someone who “is not seated in the driver’s seat of the vehicle; engages and monitors the autonomous vehicle; is able to communicate with occupants in the vehicle through a communication link” and is “available to assist law enforcement at all times that the vehicle is in operation”.

The vehicle itself must meet industry standards for Level 4 – mind off – or Level 5 – steering wheel optional – operation. Either type can, in theory, drive themselves without a human onboard to watch over things. The difference is that a Level 5 car can go anywhere, any time, while Level 4 cars can only drive themselves within particular boundaries or circumstances. Otherwise, a human has to be ready to take over instantly.

The big question is whether it matters. Manufacturers and developers have other options, like going to Arizona, where the state government has welcomed Google and Uber with open arms and an open road. Or Nevada or Montana, which have governors who are equally accomodating.

California’s regulators are, well, regulators. Not high tech recruiters. Besides a relatively – compared to neighboring states – complex and bureaucratic licensing process, the DMV requires self-driving car companies to submit detailed reports of operations and, particularly, problems that occur. Those reports are then posted on the web, which is a nice perk for companies that are behind the competitive curve, but less thrilling for the market leaders.

Autonomous vehicle technology was born in California because the companies behind it happened to be here. They don’t have to stay.

Wireless charging is less fussy, but still a work in progress

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

One of my goals for CES was to see if wireless charging technology is ready for mainstream consumer adoption. The answer is yes if you’re making contact with a charging pad, but only maybe if you’re not.

Charging pads, of one kind or another, were easy to find at CES. Near field charging – putting a gizmo in direct contact with a wireless charging device – appears to be a maturing technology. Although the Qi standard is gaining – Samsung, LG and Apple support it in some of their models – compatibility is still an issue. There’s no universal solution yet for wirelessly charging your smartphone or wearable device, in the same way that pretty much anything with a wire can plug into a USB outlet. That’s more of an issue for public spaces, though. Consumers can buy what they need to do what they want.

Wireless charging at a distance, though, is more challenging. I saw two companies that claimed to have technology that would allow contactless charging. The most aggressive claim came from Powercast, a Pittsburgh, Pennsylvania-based company that says its FCC-approved technology can deliver upwards of 100 milliwatts – enough for many wearables, if not for a smartphone – at distances of 1 to 3 feet. Very low power, Internet-of-things devices can be charged up to 80 feet away, according to company staff.

I’m cautious about accepting wireless charging performance claims at face value, mainly because of the second company, Energous. Two years ago, it exhibited a prototype that company executives said would work at distances up to 15 feet. And maybe it would, although I didn’t see them actually do it. It ended up on the scrap heap because the company couldn’t get technical approval from the FCC. It used the same 5 GHz band as WiFi devices, and blasting out multiple watts of radio frequency energy into that spectrum would be sure to interfere with data transmissions.

Energous has backed off from those claims, though. The company recently received FCC approval for technology that also has a 3-foot range. It hasn’t been rolled into a product yet, so there was no demo or prototype on display at CES, but company staff at the show expect that manufacturers will adopt the technology and integrate it into products by the end of the year.

We’ll see.

Santa Cruz techies get to CES the hard, fun way

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

Four thousand companies brought their products to CES last month, but only one was brought by its product. A five person team from Santa Cruz – Jane Campbell, Elai Dankner, Nicola Hopwood, Cade Vlacos and Christian Shaw – rode 300 miles from Palm Springs to Las Vegas on a Onewheel+ XR, the new, extended range version of Future Motion’s single wheel, electric powered board.

“It was the most epic journey I’ve ever done”, said Campbell. “You feel so free. The first thing you want to do is call your mom”. And she and her teammates did, calling friends and family from the road as they glided through the Mojave desert.

It took them four days to make the trek, arriving in Las Vegas yesterday in a rain storm. Campbell kept on rolling, right into Future Motion’s booth at the Showstoppers media showcase last night, where she went to work demonstrating the XR with energy and enthusiasm to spare.

The team did the trip as a relay, swapping off riders and boards every 10 to 15 miles. They rode during the day, and pitched tents in the desert at night. It was a remarkably smooth run with no physical or mechanical problems, except for the diesel support van, which temporarily broke down after gasoline was mistakenly pumped into it.

There was a point – besides the sheer joy of it – to what Mudd calls “the longest recorded Onewheel ride”. It was a proof of performance for the XR, which has a range of 12 to 18 miles, more than double the range of the original Onewheel+. That makes it a plausible alternative to a car, said company spokesman Jack Mudd, who also took a turn riding with the team.

Future Motion is headquartered on the west side of Santa Cruz. It was founded in 2013 and initially funded via $630,000 Kickstarter campaign.

You can see the video of the trip here:

Big brother, small ball and connected cars at CES

FacebookTwitterGoogle+PinterestLinkedInRedditEmail

CES 2018 marked a turning point in the consumer electronics business. For the first time, the big companies talked more about services than products. This shift has been long in the making – it’s why the organisers no longer refer to it as the Consumer Electronics Show – and 2018 was the tipping point. It was all about connected home products, with long neglected categories like kitchen appliances and washers and dryers suddenly taking center stage. The products themselves are increasingly generic, with differentiation coming from the voice recognition and artificial intelligence services that manufacturers bundle in.

The thought of my refrigerator or garage door opener constantly analysing my actions and predicting what I’ll want next seems spooky, even unsettling, to me, but conventional wisdom is that what older consumers perceive as surveillance state products, younger ones embrace as high level service. Plenty of innovation was on display, but it came from cloud-delivered services, and not from a box.

Small and medium sized companies were not the place to look for breakout products this year. I checked out the evening showcases, which cater mostly to smaller and newer exhibitors. The first, CES Unveiled, didn’t have much under the veil. Most of the exhibitors were small companies with, at best, incrementally innovative products. The lineups at Showstoppers and Pepcom’s Digital Experience were better, but aside from a 300-mile marathon trek on a Onewheel electric board, there weren’t many wow moments. Same for Eureka Park, the now huge section of the CES show floor dedicated to start up companies. There were plenty of toys, and lots of me-too products and barely discernible upgrades to existing products.

Looking ahead, one path for startup success will be through the big AI platform operators, either the generic ones like Amazon or Google, or the in house systems developed by the big boys.

This year will also be remembered as the year when cars became a consumer electronics product. The north hall of the Las Vegas Convention Center looked like a car show. Automakers have exhibited in past years, but there were more of them, and more with marketing messages crafted around connected services. Even ones that you wouldn’t ordinarily associate with the automotive market, such as health monitoring.

Carmakers also have extensive AI projects underway, as the rush towards self driving cars picks up speed. If cars are just another consumer electronics platform, then the big auto companies will also be players in the consumer AI game.

Far from collapsing, the consumer electronics industry on display at CES was expanding into new services and new sectors, all of them linked by live data streams.