Timesdelhi.com

January 18, 2019
Category archive

reporter

Scooter startup Bird tried to silence a journalist. It did not go well.

in bank/blogs/Boing Boing/China/copyright law/cyberpunk/Delhi/digital media/electronic/India/Internet/journalist/lawsuit/online rights/Politics/reporter/Security/spokesperson/Startups/Transportation by

Cory Doctorow doesn’t like censorship. He especially doesn’t like his own work being censored.

Anyone who knows Doctorow knows his popular tech and culture blog Boing Boing, and anyone who reads Boing Boing knows Doctorow and his cohort of bloggers. The part-blogger, part special advisor at the online rights group Electronic Frontier Foundation, has written for years on topics of technology, hacking, security research, online digital rights, and censorship and its intersection with free speech and expression.

Yet, this week it looked like his own free speech and expression could have been under threat.

Doctorow revealed in a blog post on Friday that scooter startup Bird sent him a legal threat, accusing him of copyright infringement and that his blog post encourages “illegal conduct.”

In its letter to Doctorow, Bird demanded that he “immediately take[s] down this offensive blog.”

Doctorow declined, published the legal threat, and fired back with a rebuttal letter from the EFF accusing the scooter startup of making “baseless legal threats” in an attempt to “suppress coverage that it dislikes.”

The whole debacle started after Doctorow wrote about about how Bird’s many abandoned scooters can be easily converted into a “personal scooter” by swapping out its innards with a plug-and-play converter kit. Citing an initial write-up by Hackaday, these scooters can have “all recovery and payment components permanently disabled” using the converter kit, available for purchase from China on eBay for about $30.

In fact, Doctorow’s blog post was only two paragraphs long and, though didn’t link to the eBay listing directly, did cite the hacker who wrote about it in the first place — bringing interesting things to the masses in bitesize form in in true Boing Boing fashion.

Bird didn’t like this much, and senior counsel Linda Kwak sent the letter — which the EFF published today — claiming that Doctorow’s blog post was “promoting the sale/use of an illegal product that is solely designed to circumvent the copyright protections of Bird’s proprietary technology, as described in greater detail below, as well as promoting illegal activity in general by encouraging the vandalism and misappropriation of Bird property.” The letter also falsely stated that Doctorow’s blog post “provides links to a website where such Infringing Product may be purchased,” given that the post at no point links to the purchasable eBay converter kit.

EFF senior attorney Kit Walsh fired back. “Our client has no obligation to, and will not, comply with your request to remove the article,” she wrote. “Bird may not be pleased that the technology exists to modify the scooters that it deploys, but it should not make baseless legal threats to silence reporting on that technology.”

The three-page rebuttal says Bird used incorrectly cited legal statutes to substantiate its demands for Boing Boing to pull down the blog post. The letter added that unplugging and discarding a motherboard containing unwanted code within the scooter isn’t an act of circumventing as it doesn’t bypass or modify Bird’s code — which copyright law says is illegal.

As Doctorow himself put it in his blog post Friday: “If motherboard swaps were circumvention, then selling someone a screwdriver could be an offense punishable by a five year prison sentence and a $500,000 fine.”

In an email to TechCrunch, Doctorow said that legal threats “are no fun.”

AUSTIN, TX – MARCH 10: Journalist Cory Doctorow speaks onstage at “Snowden 2.0: A Field Report from the NSA Archives” during the 2014 SXSW Music, Film + Interactive Festival at Austin Convention Center on March 10, 2014 in Austin, Texas. (Photo by Travis P Ball/Getty Images for SXSW)

“We’re a small, shoestring operation, and even though this particular threat is one that we have very deep expertise on, it’s still chilling when a company with millions in the bank sends a threat — even a bogus one like this — to you,” he said.

The EFF’s response also said that Doctorow’s freedom of speech “does not in fact impinge on any of Bird’s rights,” adding that Bird should not send takedown notices to journalists using “meritless legal claims,” the letter said.

“So, in a sense, it doesn’t matter whether Bird is right or wrong when it claims that it’s illegal to convert a Bird scooter to a personal scooter,” said Walsh in a separate blog post. “Either way, Boing Boing was free to report on it,” she added.

What’s bizarre is why Bird targeted Doctorow and, apparently nobody else — so far.

TechCrunch reached out to several people who wrote about and were involved with blog posts and write-ups about the Bird converter kit kit. Of those who responded, all said that they had not received a legal demand from Bird.

We asked Bird why it sent the letter, and if this was a one-off letter or if Bird had sent similar legal demands to others. When reached, a Bird spokesperson did not comment on the record.

All too often, companies send legal threats and demands to try to silence work or findings that they find critical, often using misinterpreted, incorrect or vague legal statutes to get things pulled off from the internet. Some companies have been more successful than others, despite an increase in awareness and bug bounties, and a general willingness to fix security issues before they inevitably become public.

Now Bird becomes the latest in a long list of companies that have threatened reporters or security researchers, alongside companies like drone maker DJI, which in 2017 threatened a security researcher trying to report a bug in good faith, and spam operator River City, which sued a security researcher who found the spammer’s exposed servers and a reporter who wrote about it. Most recently, password manager maker Keeper sued a security reporter claiming allegedly defamatory remarks over a security flaw in one of its products. The case was eventually dropped but not before over 50 experts, advocates, and journalist (including this reporter) signed onto a letter calling for companies to stop using legal threats to stifle — and silence security researcher.

That effort resulted in several companies — notably LinkedIn and Tesla — to double down on their protection of security researchers by changing their vulnerability disclosure rules to promise that the companies will not seek to prosecute hackers acting in good-faith.

But some companies have bucked that trend and have taken a more hostile, aggressive — and regressive — approach to security researchers and reporters.

“Bird Scooters and other dockless transport are hugely controversial right now, thanks in large part to a ‘move-fast, break-things’ approach to regulation, and it’s not surprising that they would want to control the debate,” said Doctorow.

“But to my mind, this kind of bullying speaks volumes about the overall character of the company,” he said.

News Source = techcrunch.com

Twitter, those ‘verified’ bitcoin-pushing pillocks are pissing everyone off

in cryptocurrencies/cryptocurrency/Delhi/Federal government/Hack/India/money/Politics/reporter/Security/Software/spokesperson/Technology by

Elon Musk’s tweets piss me off for two reasons.

When he’s not accusing actual heroes of sex crimes or trolling the federal government, it’s what comes after that drives me batshit. The top reply to most of his tweets is some asshat impersonating him to try to trick his followers into falling for a bitcoin scam.

These “get rich quick” scams are fairly simple. A hacker hijacks a verified Twitter account using stolen or leaked passwords. Then, the hacker swaps the account’s name, bio and photo — almost always to mirror Elon Musk — and drops a reply with “here’s where to send your bitcoin,” or something similar.

The end result appears as though Musk is responding to his own tweet, and nudging hapless bitcoin owners to drop their coins into the scammer’s coffers.

One of the latest “victims” was @FarahMenswear. The clothing retailer — with some 15,500 followers — was hacked this morning to promote a “bitcoin giveaway.” In the short time the scam began, the bitcoin address already had more than 100 transactions and over 5.84 bitcoins — that’s $37,000 in just a few hours’ work. Many Twitter users said that the scammers “promoted” the tweet — amplifying the scam to reach many more people.

On one hand, this scam is depressingly easy to pull off that even I could’ve done it. Depressing on the other, because that’s half a year’s wages for the average reporter.

Still, that $37,000 is a drop in the ocean to some of the other successful scam artists out there. One scammer last week, this time using @PantheonBooks, made $180,000 in a single day by tricking people into turning over their bitcoin and promising great returns.

Another day, another Elon Musk-themed bitcoin scam. (Image: screenshot)

Why is the scam so easy?

Granted, it’s clever. But it’s a widespread problem that can be largely attributed to Twitter’s nonchalant, “laissez-faire” approach to account security.

The common thread to all of these cryptocurrency scams involve hijacking accounts. Often, hackers use credential stuffing — that’s using the same passwords stolen from other breaches on other sites and services — to break into Twitter accounts. In nearly all successful cases, the hacked Twitter accounts aren’t protected with two-factor authentication. Brand accounts shared by multiple social media users almost never use two-factor, because it’s hard to share access tokens.

For its part, a Twitter spokesperson said it’s improved how it handles cryptocurrency scams and has seen a significant reduction in the amount of users who see scammy tweets. The company also said that scammers are constantly changing their methods and Twitter is trying to stay one step ahead. In many cases, these scams are nuked from the site before they’re even reported.

And, Twitter said it regularly reminds account owners to switch on stronger security settings, like two-factor authentication.

Well, enough’s enough, Twitter. You can lead a horse to water but you can’t make it drink. So maybe it’s about time you bring the water a little closer.

Until something better comes along, Twitter should make two-factor authentication mandatory for verified accounts, especially high-profile accounts — like politicians. It’s no more of an inconvenience than switching on two-factor for your email inbox or other social networking account. The settings are already there — it even rolled out the more secure app-based authentication a year ago to give users the option of switching from the less-secure text message system.

If the only other option is to stop Elon Musk from tweeting…

News Source = techcrunch.com

Inside the pay-for-post ICO industry

in Blog/Buzzfeed/ceo/Culture/Delhi/digital media/editor/fiction/Forbes/harvard/ICO/India/journalist/LinkedIn/Politics/public relations/reporter/Startups/TC/United States by

In a world where nothing can be trusted and fake news abounds, ICO and crypto teams are further muddying the waters by trying – and often failing – to pay for posts. While bribes for blogs is nothing new, sadly the current crop of ICO creators and crypto projects are particularly interested in scaling fast and many ICO CEOs are far happier with scammy multi-level marketing tricks than real media relations.

The worst part of this spammy, scammy ecosystem is the service providers. A new group of media organizations are appearing where pay-to-post is the norm rather than the rare exception. I’ve been looking at these groups for a while now and recently found a few egregious examples.

But first some background.

Oh yeah, Mr. Smart Guy? How do I get press?

Say you’re trying to publicize a startup. You’ve emailed all the big names in the industry and the emails have gone unanswered. Your product is about to flounder on the market without users and you can’t get any because, in perfect chicken-or-egg fashion, you can’t get funding without users and you can’t get users without funding. So isn’t it a good idea to pay a few dollars for a little press?

No.

And isn’t most PR just pay-for-post anyway?

No.

PR people are consummate networkers and are paid to reach out to media on your behalf and their particular set of skills, honed over long careers, are dedicated to breaking down the forcefield between the journalist and the outside world. They are your surrogate hustlers, dedicated to getting you more exposure. A good PR person is worth their weight in gold. They can call up a popular journalist and make a simple pitch: “This cool new thing is happening. Can I put you in touch?”

If a journalist’s mission is to afflict the comfortable and comfort the afflicted, a good PR person makes the comfortable look slightly afflicted in order to give the journalist a better story. Also, like velociraptors, they are tenacious and will follow up multiple times on your behalf.

A bad PR person, on the other hand, will cold-call hundreds of journalists and read a script that is half the length of Moby Dick. They produce little more than spam and their efforts begin and end with pressing the “Send” button. It’s also interesting to note that many bad PR people, of late, have found new life as ICO specialists.

Now meet the pay-for-post hucksters. As I wrote before, there is now a subset of the PR world that offers to get your press release or story on the top of various websites for the low, low price of between $500 and $13,000. For example, one set of hucksters created a small business selling posts on Harvard.edu by creating garbage WordPress blogs and posting press releases to increase SEO coverage. Further, I received a document that outlined the prices for placement in various blogs including this one. While it is impossible to buy a post on TechCrunch this way, it doesn’t stop many from trying.

What’s the difference between that price list and the job a PR person will do for you? The difference is trust. A pay-for-post huckster is dependent on convincing poorly paid freelance writers to add links and other dross to their posts in order to get a “placement.” I get requests like this almost every day and almost all the journalists I talked to reported the same.

Some entrepreneurs are savvy enough to avoid these scams. Even more aren’t.

“I’ve never paid since I think it’s almost always a waste of money but I’ve been offered this type of coverage many times,” said Rick Ramos, of HealthJoy.com. “The last offer was for Kathy Ireland’s Worldwide Business… A TV show that I’ve never heard of in my life. I’ve also been approached by niche publications like InsuranceOutlook and HealthCareTechOutlook that want $3,000 for a ‘reprint branding package.’ A quick Alexa.com search shows their rank as 1,725,207 and 1,054,501 globally. I think I get pitched at least every six months for one of these types of packages.

Unfortunately, many of these organizations hide their request for payment until the last minute. That said, how do you know when it’s someone selling pay-for-play vs. a real editor? It’s usually obvious.

“It’s usually pretty easy to sniff out based on their email blast. It’s pretty untargeted with no reference to what your company does or how it related to a story. Some people are up front about the payment but others want a ’15 min call to discuss.’ A quick LinkedIn search always shows them as a sales person versus a reporter or editor,” said Ramos.

It’s getting worse

This is a document I received from a company attempting an ICO. This sort of menu was quite uncommon until fairly recently when the “on-demand” economy melded with PR scammers. The completeness of the document is unique – you could feasibly plan your own PR efforts just by reaching out to journalists who work at all of these places. But you’ll also note that each spot has its own price, often in the low hundreds of dollars, which means that those spots are mostly pay-for-play anyway.


ICOLists by on Scribd


No PR company can promise coverage. In fact, many pay-for-play folks mention this in their communications, hiding it in plain sight. This snippet of text appeared in a contract for work from one of the pay-for-play providers. In short, you’re paying for something they cannot guarantee to get. Interestingly, the PR company below calls their product an IO – an insertion order – which is language used in ad sales. Further, they take great pains in explaining that it is almost impossible to achieve what they promise.

None of the pay-for-post folks I mentioned here would respond to my requests for comment.

Counter-point: Journalists are also at fault

Journalists should never expect money for coverage.

Yet many do.

“Lately I have worked on a number of blockchain technology pieces and I have encountered a wide variety of these asks,” said Brittany Whitmore, CEO at Exvera Communications. “A lot of the new, smaller blockchain-focused outlets seem to do a lot of pay-to-play, likely trying to capitalize on the ICO gold rush. The strangest request that I received was that the outlet would do a an article about the news for free but only if we paid them over $1,000 to promote the article with ads. I did not proceed.”

In one very detailed article on The Outline, Jon Christian explored this world and found that many writers received small sums for a single brand mention in a story, a sort of SEO flogging that rarely helps. He wrote:

An unpaid contributor to the Huffington Post, also speaking on condition of anonymity because, in his words, “I would be pretty fucked if my name got out there,” said that he has included sponsored references to brands in his articles for years, in articles on the Huffington Post and other sites, on behalf of six separate agencies. Some agencies pay him directly, he said, in amounts that can be as small as $50 or $175, but others pay him through an employee’s personal PayPal account in order to obfuscate the source of the funds. In a statement, Huffington Post said “Using the HuffPost Contributors Network to self-publish paid content violates our terms of use. Anyone we discover to be engaging in such abuse has their post removed from the site and is banned from future publication.”
The Huffington Post writer also described specific brands he’d written about on behalf of one of the agencies, which ranged from a popular ride-hailing app, to a publicly-traded site for booking flights and hotels, to a large American cell phone service provider.
“This is a classic example of payola,” he said of the brand mentions, invoking a term that’s been used to describe radio DJs who accept payments from record companies in order to play certain artists on the air.

Further, many influencers – folks who sell their Internet fame to the highest bidder – masquerade as journalists, asking for outrageous sums to flog an ICO on their YouTube channel or Instagram page. Pay-for-play services can also put out organic content like this in hopes of appearing in the news.

The rule of thumb? Paid posts and native advertising are not journalism. Ultimately, journalists who charge for coverage are marketers. No one at any reputable news organization will ask for cash but, sadly, there are a number of disreputable news organizations making the rounds.

ICO spamming/Don’t do it

All this still doesn’t answer the question: Should you pay-to-post?

“The short answer is no,” said Kevin Bourke of BourkePR. “I get asked all the time, and in fact, turned down another request just today. And I advise my clients to decline these offers as well.”

Pay-for-post disrupts journalism in a way that should be familiar and desirable to any modern-day entrepreneur. Middlemen are being knocked out everywhere and brands are approaching consumers from every angle including native ads in Instagram and Twitter. But the value of coverage – real coverage – from a journalists perspective is the opportunity to explain complex ideas to a ready audience. While posting a picture of a blockchain on Facebook and hoping for clicks is one strategy, explaining your views, opinions, and insights is far more important even if you approach it from a mercenary position.

“When you start paying for placement, you remove objectivity and credibility, and in my opinion, this is the reason you look for coverage of your company/products in the first place. That’s what influences readers/viewers. But I understand the temptation for startups. You come to believe that ‘all visibility is good visibility.’ I just can’t agree with that,” said Bourke. “I see the trend toward paid placements (now called sponsored content), paid awards and I can’t stand it – especially with the trade show awards in high tech. They’ve completely devalued the Best of Show awards in so many cases. Typically, only the big companies with budgets can afford them, so many of the smaller guys with no money but amazing products get left out. I understand that the publishing industry needs to figure out new revenue streams – these are very difficult times for them. But they need to figure out smarter business models and maintain the integrity of editorialized content, built on the opinions and perspectives of journalists and influencers.”

News Source = techcrunch.com

Nike debuts its most ambitious SNKRS stash drop for the Championship Tour featuring Kendrick Lamar and SZA

in Adidas/Air Force/Apple/Delhi/Fashion/footwear/India/Los Angeles/national basketball association/NBA/Nike/NikePlus/Politics/reporter/Shoes/sneakers/spokesperson/Stash/TC/Technology Partners by

On a mild Thursday night at the Los Angeles Forum, Nike’s public relations team and a group of journalists from some of the country’s leading lifestyle, tech, and general interest websites gathered to see the debut of Nike’s most ambitious SNKRS stash drop.

Launched in conjunction with Kendrick Lamar’s Top Dawg Entertainment, the collaboration between Nike and Lamar marks a series of firsts for the world’s largest sports and lifestyle brand.

The combined effort is the first capsule collection that Nike has done with a musician. It’s also the first time that anyone currently working at the company can remember the apparel company signing on with a musician for select tour merchandise, and the debut of the stash drop through the SNKRS app was the largest the company’s tech had tried to tackle.

For concertgoers, rolling up to the concert in Supreme sweats, Yeezys, Adidas, Pumas… and, of course, Nikes, the SNKRS stash drop would be a surprise. For folks who had downloaded Nike’s SNKRS app, they’d be able to buy and reserve a pair of Kendrick Lamar’s limited edition Cortez Kenny IIIs at the concert.

At least on the first night, things didn’t go as planned.

Working with live events like concerts, where timing is less regimented than at a typical sporting event (which are marked by tip offs and halftimes that adhere to a pretty regimented schedule), proved too much for the initial rollout of the company’s stash drop.

Select NikePlus members received an initial push notification of the Stash drop and a card in the SNKRS feed also advertised the special stash drop, in addition to a notification that flashed onscreen between the (amazing)  SchoolboyQ set and SZA’s (equally amazing) performance.

There will be other chances to get the timing down, but for the first concert in Los Angeles, concertgoers were prompted to launch the SNKRS app and try and snag a pair of the limited edition shoes well before the activation actually went live.

Once the shoes did go on sale, the user interface for finding and reserving the shoes didn’t work for everyone there — in fact, only one reporter from the group was able to reserve a pair of the shoes (since that reporter hadn’t saved payment information onto the SNKRS app, those shoes were released).

“I can’t get the app to do what I need,” said one concertgoer trying to snag a pair of shoes.

The team at Nike said the concert’s late start caused the miscue. Roughly 30 minutes after the sneakers were supposed to onsale, the activation went live — something journalists were only made aware of when notified by Nike’s public relations team.

Once the sale did go live, the shoes sold out within the first five minutes, although it’s unclear how many were made available through the stash drop (Nike declined to provide a number).

The SNKRS app is only one example of Nike’s innovative approach to integrating technology and fashion. In April, Nike launched the first sneaker that’s integrated with its NikeConnect technology.

Unveiled earlier this year through a collaboration with the NBA, the NikeConnect app allows users to access information on players and stats through a label enabled with near field communications chips.

Nike’s Air Force Ones enabled with the NikeConnect tech will open a special limited release sneaker sale opportunity called “The Choice”, but Nike has higher hopes for the technology.

“We would love to be able to award sweat equity with access to exclusive products or a partnership,” said a spokesperson for the company in an interview last year.

“NikeConnect [is] a great way for us to get interesting data about our members and deliver unlocks that are relevant to those members,” the spokesperson said.

Beyond the unlocks for exclusive sneaker offers, Nike is thinking about ways to include all of its technology partners in ways that benefit NikeConnect, NikePlus, and SNKRS users.

“We’re excited to learn how unlocks are being received right now,” said the spokesperson. “There is a pretty comprehensive ecosystem of value that we’ve been building for our members… Members who are really active with us are getting rewards or achievements [and] that could include partners like Apple… that we’ll be bringing to the table to round out your whole holistic sport experience.”

 

 

News Source = techcrunch.com

ICOs like to move fast and break (lots of) things

in Bitcoin/blockchain/Cisco/computing/cryptocurrencies/Delhi/India/information/Pets.com/Politics/reporter/Startups/TC/Technology by

Startup life is full of quick, lateral thinking. “Move fast and break things” is the mantra. However, with the rise of token sales – essentially vehicles for untested startups to raise millions in a few minutes – lots of stuff gets broken and little gets fixed.

Take BCT – the Blockchain Terminal – for example. This frothy project led by Bob Bonomo, a former hedge fund guy turned Blockchain guru, features some interesting breakages.

Yesterday at about 3pm Eastern Time the company’s FAQ – which has since been updated but is still hidden here – read something like this:

While this sort of techno greeking is fine if you’re sending mock-ups back and forth, the token sale had been running since April 1st, a fact that was baffling to me and another reporter. Was this an April Fool’s joke? No, because when I visited the sale’s Telegram room I found a group of happy buyers asking questions about their future tokens.

Ever the reporter, I asked if anyone had seen the terminals and a community manager sent me this:

Interesting… blank screens at a demo event. The other CM, quicker on the draw, sent this:

Fair enough. In fact, crypto needs a product like this to legitimize it with Wall Street. But clearly they were moving so fast that the wheels were falling off.

Finally I did the obvious thing: visit the white paper. There we find that the Terminal is being built in conjunction with FactSet, a venerable research company that has seen all the vicissitudes of financial data. In fact, the paper is a tour-de-force on par with the best of the white papers I’ve seen. But we also discover that the white paper is a draft.

In short, BCT wouldn’t pass the average human investor sniff test but is definitely well on the way to completing its token sale. This is a problem.

BCT is not alone. I’ve spoken to development houses working with founders who barely understand cryptocurrency let alone understand their own token sales. I’ve seen founders’ eyes light up like the Big Bad Wolf eyeing Porky Pig when they talk about all the capital they will unlock. And I spoke to a founder on stage who said he would be very careful with the $80 million they raised for a company designed to raise money for ICOs. Greed is clouding this market in ways that are at once dangerous and comical.

There is precedent for this. In the early days of the Internet and even the frothiest dot-com days you could see the avarice in the eyes of Pets.com and Cisco executives who knew that big money was just around the corner. And we can’t begrudge these founders their excitement. What founder wouldn’t want the sweet feeling of being fully funded for, we presume, the next decade?

I’ve been following token sales with great interest over the past few months for a few reasons. First, I understand the hype cycle. I’ve seen tactics used by token sellers used before by hardware sellers, most notably with flops like the Phantom gaming console and the Notion Ink Adam, and there is a stink that permeates projects that are, at best, half-baked.

I want token sales to thrive as a method to raise capital. I want small startups to be able to turn on a spigot previously available to the well-connected and well-heeled. But the exact opposite seems true. Bankers are moving into a technology space that they little understand while carpetbaggers – lawyers, PR folks, advisors – are working hard to extract cash out of these windfalls. In the end the token sale industry should formalize itself and become as boring as the VC industry. I just hope it survives long enough to get there.

News Source = techcrunch.com

Go to Top