Year: 2018

Assuming you have your strong passwords in place and your two-factor authentication set up, you think your accounts are now safe? Think again. There’s much more to be done.

You might think your Social Security or bank account numbers are the most sensitive digits in your life. Nowadays, hackers can do far more damage with little effort using just your cell phone number. But unlike your Social Security number, you’re far less likely to keep your cell phone number a secret — otherwise nobody can contact you!

Whether you’re an AT&T, Verizon, Sprint or T-Mobile customer, every cell phone number can be a target for hackers. And it takes remarkably little effort to wreak havoc to your online life.

Why you need to protect your phone number

Your cell phone number is a single point of failure.

Think about it. You use your cell phone number all the time. You use it when you sign up to sites and services, and sometimes you’ll use it to log into an app or a game on your phone. Your phone number can be used to reset your account if you forget your password. And, you use it for two-factor authentication to securely login to your accounts.

If someone steals your phone number, they become you — for all intents and purposes. With your phone number, a hacker can start hijacking your accounts one by one by having a password reset sent to your phone. They can trick automated systems — like your bank — into thinking they’re you when you call customer service. And worse, they can use your hijacked number to break into your work email and documents — potentially exposing your employer up to data theft.

Just think of every site and service that has your phone number. That’s why you need to protect your phone number.

How do hackers steal cell phone numbers?

It’s easier than you might think. Phone numbers can be found anywhere – thanks in part to so many data breaches.

Often, hackers will find the cell phone number of their target floating around the internet (or from a phone bill in the garbage), and call up their carrier impersonating the customer. With a few simple questions answered — often little more than where a person lives or their date of birth, they ask the customer service representative to “port out” the phone number to a different carrier or a SIM card.

That’s it. As soon as the “port out” completes, the phone number activates on an attacker’s SIM card, and the hacker can send and receive messages and make calls as if they were the person they just hacked.

In most cases, the only sign that it happened is if the victim suddenly loses cell service for no apparent reason.

From there, it’s as simple as initiating password resets on accounts associated with that phone number. Facebook, Gmail, Twitter — and more. A hacker can use your hijacked phone number to steal all of your cryptocurrency, take over your vanity Instagram username or maliciously delete all of your data.

You can read what happened to TechCrunch’s own John Biggs when his phone number was hijacked.

In the worst cases, it can be difficult or impossible to get your phone number back — let alone the accounts that get broken into. Your best bet is to make sure it never happens in the first place.

What you can do to protect your phone number

Just like you can apply two-factor authentication to your online accounts, you can add a secondary security code to your cell phone account, too.

You can either call up customer services or do it online. (Many feel more reassured by calling up and talking to someone.) You can ask customer service, for example, to set a secondary password on your account to ensure that only you — the account holder — can make any changes to the account or port out your number.

Every carrier handles secondary security codes differently. You may be limited in your password, passcode or passphrase, but try to make it more than four to six digits. And make sure you keep a backup of the code!

For the major carriers:

• AT&T has a guide on how to set up extra security on your account.
• T-Mobile allows you to set up a customer passcode.
• Verizon explains how you can add a PIN to your account.
• Sprint also lets you add an account PIN for greater security.

If your carrier isn’t listed, you might want to check if they employ a similar secondary security code to your account to prevent any abuse. And if they don’t, maybe you should port out your cell phone number to a carrier that does.

Check out our full Cybersecurity 101 guides here.

So you want to browse the web securely and privately? Here’s a hard truth: it’s almost impossible.

It’s not just your internet provider that knows which sites you visit, it’s also the government — and other governments! And when it’s not them, it’s social media sites, ad networks or apps tracking you across the web to serve you specific and targeted ads. Your web browsing history can be highly personal. It can reveal your health concerns, your political beliefs and even your porn habits — you name it. Why should anyone other than you know those things?

Any time you visit a website, you leave a trail of data behind you. You can’t stop it all — that’s just how the internet works. But there are plenty of things that you can do to reduce your footprint.

Here are a few tips to cover most of your bases.

A VPN can help hide your identity, but doesn’t make you anonymous

You might have heard that a VPN — or a virtual private network — might keep your internet traffic safe from snoopers. Well, not really.

A VPN lets you create a dedicated tunnel that all of your internet traffic flows through — usually a VPN server — allowing you to hide your internet traffic from your internet provider. That’s good if you’re in a country where censorship or surveillance is rife or trying to avoid location-based blocking. But otherwise, you’re just sending all of your internet traffic to a VPN provider instead. Essentially, you have to choose who you trust more: your VPN provider or your internet provider. The problem is, most free VPN providers make their money by selling your data or serving you ads — and some are just downright shady. Even if you use a premium VPN provider for privacy, they can connect your payment information to your internet traffic, and many VPN providers don’t even bother to encrypt your data.

Some VPN providers are better than others: tried, tested — and trusted — by security professionals.

Services like WireGuard are highly recommended, and are available on a variety of devices and systems — including iPhones and iPads. We recently profiled the Guardian Mobile Firewall, a smart firewall-type app for your iPhone that securely tunnels your data anonymously so that even its creators don’t know who you are. The app also prevents apps on your phone from tracking you and accessing your data, like your contacts or your geolocation.

As TechCrunch’s Romain Dillet explains, the best VPN providers are the ones that you control yourself. You can create your own Algo VPN server in just a few minutes. Algo is created by Trial of Bits, a highly trusted and respected security company in New York. The source code is available on GitHub, making it far more difficult to covertly insert backdoors into the code.

With your own Algo VPN setup, you control the connection, the server, and your data.

You’ll need a secure DNS

What does it mean that “your internet provider knows what sites you visit,” anyway?

Behind the scenes on the internet, DNS — or Domain Name System — converts web addresses into computer-readable IP addresses. Most devices automatically use the resolver that’s set by the network you’re connected to — usually your internet provider. That means your internet provider knows what websites you’re visiting. And recently, Congress passed a law allowing your internet provider to sell your browsing history to advertisers.

You need a secure and private DNS provider. Many use publicly available services — like OpenDNS or Google’s Public DNS. They’re easy to set up — usually on your computer or device, or on your home router.

One recommended offering is Cloudflare’s secure DNS, which it calls 1.1.1.1. Cloudflare encrypts your traffic, won’t use your data to serve ads, and doesn’t store your IP address for any longer than 24 hours. You can get started here, and you can even download Cloudflare’s 1.1.1.1 app from Apple’s App Store and Google Play.

HTTPS is your friend

One of the best things for personal internet security is HTTPS.

HTTPS secures your connection from your phone or your computer all the way to the site you’re visiting. Most major websites are HTTPS-enabled, and appear as such with a green padlock in the address bar. HTTPS makes it almost impossible for someone to spy on your internet traffic intercept and steal your data in transit.

Every time your browser lights up in green or flashes a padlock, HTTPS encrypts the connection between your computer and the website. Even when you’re on a public Wi-Fi network, an HTTPS-enabled website will protect you from snoopers on the same network.

Every day, the web becomes more secure, but there’s a way to go. Some websites are HTTPS ready but don’t have it enabled by default. That means you’re loading an unencrypted HTTP page when you could be accessing a fully HTTPS page.

That’s where one browser extension, HTTPS Everywhere, comes into play. This extension automatically forces websites to load HTTPS by default. It’s a lightweight, handy tool that you’ll forget is even there.

Reconsider your web plug-ins

Remember Flash? How about Java? You probably haven’t seen much of them recently, because the web has evolved to render them obsolete. Both Flash and Java, two once-popular web plug-ins, let you view interactive content in your web browser. But nowadays, most of that has been replaced by HTML5, a technology native to your web browser.

Flash and Java were long derided for their perpetual state of insecurity. They were full of bugs and vulnerabilities that plagued the internet for years — so much so that web browsers started to pull the plug on Java back in 2015, with Flash set to sunset in 2020. Good riddance!

If you don’t use them — and most people don’t anymore — you should remove them. Just having them installed can put you at risk of attack. It takes just a minute to uninstall Flash on Windows and Mac, and to uninstall Java on Windows and Mac.

Most browsers — like Firefox and Chrome — let you run other add-ons or extensions to improve your web experience. Like apps on your phone, they often require certain access to your browser, your data or even your computer. Although browser extensions are usually vetted and checked to prevent malicious use, sometimes bad extensions slip through the net. Sometimes, extensions that were once fine are automatically updated to contain malicious code or secretly mine cryptocurrency in the background.

There’s no simple rule to what’s a good extension and what isn’t. Use your judgment. Make sure each extension you install doesn’t ask for more access than you think it needs. And make sure you uninstall or remove any extension that you no longer use.

These plug-ins and extensions can protect you

There are some extensions that are worth their weight in gold. You should consider:

• An ad-blocker: Ad-blockers are great for blocking ads — as the name suggests — but also the privacy invasive code that can track you across sites. uBlock is a popular, open source efficient blocker that doesn’t consume as much memory as AdBlock and others. Many ad-blockers now permit “acceptable ads” that allow publishers to still make money but aren’t memory hogs or intrusive — like the ones that take over your screen. Ad-blockers also make websites load much faster.
• A cross-site tracker blocker: Privacy Badger is a great tool that blocks tiny “pixel”-sized trackers that are hidden on web pages but track you from site to site, learning more about you to serve you ads. To advertisers and trackers, it’s as if you vanish. Ghostery is another example of an advanced-level anti-tracker that aims to protect the user by default from hidden trackers.

And you could also consider switching to more privacy-minded search engines, like DuckDuckGo, a popular search engine that promises to never store your personal information and doesn’t track you to serve ads.

Use Tor if you want a better shot at anonymity

But if you’re on the quest for anonymity, you’ll want Tor.

Tor, known as the anonymity network is a protocol that bounces your internet traffic through a series of random relay servers dotted across the world that scrambles your data and covers your tracks. You can configure it on most devices and routers. Most people who use Tor will simply use the Tor Browser, a preconfigured and locked-down version of Firefox that’s good to go from the start — whether it’s a regular website, or an .onion site — a special top-level domain used exclusively for websites accessible only over Tor.

Tor makes it near-impossible for anyone to snoop on your web traffic, know which site you’re visiting, or that you are the person accessing the site. Activists and journalists often use Tor to circumvent censorship and surveillance.

But Tor isn’t a silver bullet. Although the browser is the most common way to access Tor, it also — somewhat ironically — exposes users to the greatest risk. Although the Tor protocol is largely secure, most of the bugs and issues will be in the browser. The FBI has been known to use hacking tools to exploit vulnerabilities in the browser in an effort to unmask criminals who use Tor. That puts the many ordinary, privacy-minded people who use Tor at risk, too.

It’s important to keep the Tor browser up to date and to adhere to its warnings. The Tor Project, which maintains the technology, has a list of suggestions — including changing your browsing behavior — to ensure you’re as protected as you can be. That includes not using web plug-ins, not downloading documents and files through Tor, and keeping an eye out for in-app warnings that advise you on the best action.

Just don’t expect Tor to be fast. It’s not good for streaming video or accessing bandwidth-hungry sites. For that, a VPN would probably be better.

Check out our full Cybersecurity 101 guides here.

Text messaging has been around since the dawn of cellular technology, and sparked its own unique language. But it’s time to put sending regular SMS messages out to pasture.

If you have an iPhone, you’re already on your way. iPhones (as well as iPads and Macs) use iMessage to send messages between Apple devices. It’s a data-based messaging system reliant on 3G, 4G, and Wi-Fi, rather than SMS messaging, which uses an old, outdated but universal 2G cellular network. iMessage has grown in popularity, but has left Android devices and other computers out in the dark.

That’s where other messaging services have filled a gap in the market.

Apps like Signal, WhatsApp, Wire and Wickr are also data-based and work across platforms. Best of all, they’re end-to-end encrypted, which means sent messages are scrambled on one end of the conversation — the device — and unscrambled at the other end on the recipient’s device. This makes it near-impossible for anyone — even the app maker — to see what’s being said.

Many popular apps, like Instagram, Skype, Slack and Snapchat don’t offer end-to-end encryption at all. Facebook Messenger has the option to use “secret” end-to-end encrypted messaging, but isn’t enabled by default.

Here’s what you need to know.

Why hate on SMS messaging?

SMS, or short messaging service, is more than three decades old. It’s generally reliable, but it’s outdated, archaic and expensive. There are also several reasons why SMS messaging is insecure.

SMS messages aren’t encrypted, meaning the contents of each text message are viewable to mobile carriers and governments, and can even be intercepted by organized and semi-skilled hackers. That means even if you’re using SMS to secure your online accounts using two-factor authentication, your codes can be stolen. Just as bad, SMS messages leak metadata, which is information about the message but not the contents of the message itself, such as the phone number of the sender and the recipient, which can identify the people involved in the conversation.

SMS messages can also be spoofed, meaning you can never be completely sure that a SMS message came from a particular person.

And a recent ruling by the Federal Communications Commission now gives cell carriers greater powers to block SMS messages. The FCC said it will cut down on SMS spam, but many worry that it could be used to stifle free speech.

In all of these cases, the answer is an encrypted messaging app.

What are the best encrypted messaging apps?

The simple answer is Signal, an open source, end-to-end encrypted messaging app seen as the gold standard of secure consumer messaging services.

Signal supports and encrypts all of your messages, calls and video chats with other Signal users. Some of the world’s smartest security professionals and cryptography experts have looked at and verified its code, and trust its security. The app uses your cell phone number as its point of contact — which some have criticized, but it’s easy to set the app up with a dedicated phone number without losing your own cell number. Other than your phone number, the app is built from the ground up to collect as little metadata as possible.

A recent government demand for Signal’s data showed that the app maker has almost nothing to turn over. Not only are your messages encrypted, each person in the conversation can set messages to expire — so that even if a device is compromised, the messages can be set to already disappear. You can also add a separate lock screen on the app for additional security. And the app keeps getting stronger and stronger. Recently, Signal rolled out a new feature that masks the phone number of a message sender, making it better for sender anonymity.

But actually, there is a far more nuanced answer than “just Signal.”

Everyone has different needs, wants and requirements. Depending on who you are, what your job is, and who you talk to will determine which encrypted messaging app is best for you.

Signal may be the favorite app for high-risk jobs — like journalism, activism, and government workers. Many will find that WhatsApp, for example, is good enough for the vast majority who just want to talk to their friends and family without worrying about someone reading their messages.

You may have heard some misinformed things about WhatsApp in recent years, sparked largely by incorrect and misleading reporting that claimed there was a “backdoor” to allow third parties to read messages. Those claims were unsubstantiated. WhatsApp does collect some data on its 1.5 billion users, like metadata about who is contacting whom, and when. That data can be turned over to police if they request it with a valid legal order. But messages cannot be read as they are end-to-end encrypted. WhatsApp can’t turn over those messages even if it wanted to.

Although many don’t realize that WhatsApp is owned by Facebook, which has faced a slew of security and privacy scandals in the past year, Facebook has said it’s committed to keeping WhatsApp messages end-to-end-encrypted by default. That said, it’s feasibly possible that Facebook could change its mind in the future, security researchers have said. It’s right to remain cautious, but WhatsApp is still better to use for sending encrypted messages than not at all.

The best advice is to never write and send something on even an end-to-end encrypted messaging app that you wouldn’t want to appear in a courtroom — just in case!

Wire is also enjoyed by many who trust the open-source cross-platform app for sharing group chats and calls. The app doesn’t require a phone number, instead opting for usernames, which many who want greater anonymity find more appealing than alternative apps. Wire also backed up its end-to-end encryption claims by asking researchers to conduct an external audit of its cryptography, but users should be aware that a trade-off for using the app on other devices means that the app keeps a record of everyone you’ve ever contacted in plain text.

iMessage is also end-to-end encrypted and are used by millions of people around the world who likely don’t even realize their messages are encrypted.

Other apps should be treated with care or avoided altogether.

Apps like Telegram have been criticized by experts for its error-prone cryptography, which has been described as “being like being stabbed in the eye with a fork.” And researchers have found that apps like Confide, once a favorite among White House staffers, don’t properly scramble messages, making it easy for the app’s makers to secretly eavesdrop on someone’s conversation.

How to verify someone’s identity

A core question in end-to-end encrypted messaging is: how do I know a person is who they say they are?

Every end-to-end encrypted messaging app handles a user’s identity differently. Signal calls it a “safety number” and WhatsApp calls it a “security code.” Across the board, it’s what we call “key verification.”

Every user has their own unique “fingerprint” that’s associated with their username, phone number or their device. It’s usually a string of letters and numbers. The easiest way to verify someone’s fingerprint is to do it in person. It’s simple: you both get your phones out, open up a conversation on your encrypted messaging app of choice, and you make sure that the fingerprints on the two sets of devices are exactly the same. You usually then hit a “verify” button — and that’s it.

Verifying a contact’s fingerprint remotely or over the internet is tricker. Often it requires sharing your fingerprint (or a screenshot) over another channel — such as a Twitter message, on Facebook, or email — and making sure they match. (The Intercept’s Micah Lee has a simple walk-through of how to verify an identity.)

Once you verify someone’s identity, they won’t need to be reverified.

If your app warns you that a recipient’s fingerprint has changed, it could be an innocuous reason — they may have a new phone number, or sent a message from a new device. But that could also mean that someone is trying to impersonate the other person in your conversation. You would be right to be cautious, and try to reverify their identity again.

Some apps don’t bother to verify a user’s identity at all. For example, there’s no way to know that someone isn’t secretly snooping on your iMessage conversations because Apple doesn’t notify you if someone is secretly monitoring your conversation or hasn’t somehow replaced a message recipient with another person.

You can read more about how Signal, WhatsApp, Telegram, and Wire allow you to verify your keys and warn you of key changes. (Spoiler alert: Signal is the safest choice.)

There are some other tips you should know:

Encrypted message backups are usually not encrypted in the cloud: A very important point here — often, your encrypted messages are not encrypted when they are backed up to the cloud. That means the government can demand that your cloud provider — like Apple or Google — to retrieve and turn over your encrypted messages from its servers. You should not back up your messages to the cloud if this is a concern.

Beware of desktop apps: One of the benefits to many encrypted messaging apps is that they’re available on a multitude of platforms, devices and operating systems. Many also offer desktop versions for responding faster. But over the past few years, most of the major vulnerabilities have been in the buggy desktop software. Make sure you’re on top of app updates. If an update requires you to restart the app or your computer, you should do it straight away.

Set your messages to expire: Encryption isn’t magic; it requires awareness and consideration. End-to-end encrypted messaging won’t save you if your phone is compromised or stolen and its contents can be accessed. You should strongly consider setting an expiry timer on your conversations to ensure that older messages will be deleted and disappear.

Keep your apps updated: One of the best ways to make sure you stay secure (and get new features!) is to make sure that your desktop and mobile apps are kept up-to-date. Security bugs are found often, but you may not always hear about them. Keep your apps updated is the best way to make sure you’re getting those security fixes as soon as possible, lowering your risk that your messages could be intercepted or stolen.

Check out our full Cybersecurity 101 guides here.

Perhaps Mark Zuckerberg obsessed over the wrong bit of history. Or else didn’t study his preferred slice of classical antiquity carefully enough, faced, as he now is, with an existential crisis of ‘fake news’ simultaneously undermining trust in his own empire and in democracy itself.

A recent New Yorker profile — questioning whether the Facebook founder can fix the creation he pressed upon the world before the collective counter-pressure emanating from his billions-strong social network does for democracy what Brutus did to Caesar — touched in passing on Zuckerberg’s admiration for Augustus, the first emperor of Rome.

“Basically, through a really harsh approach, he established two hundred years of world peace,” was the Facebook founder’s concise explainer of his man-crush, freely accepting there had been some crushing “trade-offs” involved in delivering that august outcome.

Zuckerberg’s own trade-offs, engaged in his quest to maximize the growth of his system, appear to have achieved a very different kind of outcome.

Empire of hurt

If you gloss over the killing of an awful lot of people, the Romans achieved and devised many ingenious things. But the population that lived under Augustus couldn’t have imagined an information-distribution network with the power, speed and sheer amplifying reach of the internet. Let alone the data-distributing monster that is Facebook — an unprecedented information empire unto itself that’s done its level best to heave the entire internet inside its corporate walls.

Literacy in Ancient Rome was dependent on class, thereby limiting who could read the texts that were produced, and requiring word of mouth for further spread.

The ‘internet of the day’ would best resemble physical gatherings — markets, public baths, the circus — where gossip passed as people mingled. Though of course information could only travel as fast as a person (or an animal assistant) could move a message.

In terms of regular news distribution, Ancient Rome had the Acta Diurna, A government-produced daily gazette that put out the official line on noteworthy public events.

These official texts, initially carved on stone or metal tablets, were distributed by being exposed in a frequented public place. The Acta is sometimes described as a proto-newspaper, given the mix of news it came to contain.

Minutes of senate meetings were included in the Acta by Julius Caesar. But, in a very early act of censorship, Zuckerberg’s hero ended the practice — preferring to keep more fulsome records of political debate out of the literate public sphere.

“What news was published thereafter in the acta diurna contained only such parts of the senatorial debates as the imperial government saw fit to publish,” writes Frederick Cramer, in an article on censorship in Ancient Rome.

Augustus, the grand-nephew and adopted son of Caesar, evidently did not want the risk of political opponents using the outlet to influence opinion, his great-uncle having been assassinated in a murderous plot hatched by conspiring senators.

Under Augustus, the Acta Diurna was instead the mouthpiece of the “monarchic faction.”

“He rightly believed this method to be less dangerous than to muzzle the senators directly,” is Cramer’s assessment of Augustus’s decision to terminate publication of the senatorial protocols, limiting at a stroke how physical voices raised against him in the Senate could travel and lodge in the wider public consciousness by depriving them of space on the official platform.

Augustus also banned anonymous writing in a bid to control incendiary attacks distributed via pamphlets and used legal means to command the burning of incriminatory writings (with some condemned authors issued with ‘literary death-sentences’ for their entire life’s work).

The first emperor of Rome understood all too well the power of “publicare et propagare.”

It’s something of a grand irony, then, that Zuckerberg failed to grasp the lesson for the longest time, letting the eviscerating fire of fake news rage on unchecked until the inferno was licking at the seat of his own power.

So instead of Facebook’s brand and business invoking the sought-for sense of community, it’s come to appear like a layer cake of fakes, iced with hate speech horrors.

On the fake front, there are fake accounts, fake news, inauthentic ads, faux verifications and questionable metrics. Plus a truck tonne of spin and cynical blame shifting manufactured by the company itself.

There’s some murkier propaganda, too; a PR firm Facebook engaged in recent years to help with its string of reputation-decimating scandals reportedly worked to undermine critical voices by seeding a little inflammatory smears on its behalf.

Publicare et propagare, indeed.

Perhaps Zuckerberg thought Ancient Rome’s bloody struggles were so far-flung in history that any leaderly learnings he might extract would necessarily be abstract, and could be cherry-picked and selectively filtered with the classical context so comfortably remote from the modern world. A world that, until 2017, Zuckerberg had intended to render, via pro-speech defaults and systematic hostility to privacy, “more open and connected.” Before it got too difficult for him to totally disregard the human and societal costs.

Revising the mission statement a year-and-a-half ago, Zuckerberg had the chance to admit he’d messed up by mistaking his own grandstanding world-changing ambition for a worthy cause.

Of course he sidestepped, writing instead that he would commit his empire (he calls it a “community”) to strive for a specific positive outcome.

He didn’t go full Augustus with the new goal (no ‘world peace’) — but recast Facebook’s mission to: “Give people the power to build community and bring the world closer together.”

There are, it’s painful to say, “communities” of neo-Nazis and white supremacists thriving on Facebook. But they certainly don’t believe in bringing the world closer together. So Facebook’s reworked mission statement is a tacit admission that its tools can help spread hate by saying it hopes for the opposite outcome. Even as Zuckerberg continues to house voices on his platform that seek to deny historical outrages like the Holocaust, which is the very definition of antisemitic hate speech.

“I used to think that if we just gave people a voice and helped them connect, that would make the world better by itself. In many ways it has. But our society is still divided,” he wrote in June 2017, eliding his role as emperor of the Facebook platform, in fomenting the societal division of which he typed. “Now I believe we have a responsibility to do even more. It’s not enough to simply connect the world, we must also work to bring the world closer together.”

This year his personal challenge was also set at “fixing Facebook.”

Also this year: Zuckerberg made a point of defending allowing Holocaust deniers on his platform, then scrambled to add the caveat that he finds such views “deeply offensive.” (That particular Facebook content policy has stood unflinching for almost a decade.)

It goes without saying that the Nazis of Hitler’s Germany understood the terrible power of propaganda, too.

More recently, faced with the consequences of a moral and ethical failure to grapple with hateful propaganda and junk news, Facebook has said it will set up an external policy committee to handle some content policy decisions next year.

But only at a higher and selective appeal tier, after layers of standard internal reviews. It’s also not clear how this committee can be truly independent from Facebook.

Quite possibly it’ll just be another friction-laced distraction tactic, akin to Facebook’s self-serving ‘Hard Questions’ series.

Revised mission statements, personal objectives and lashings of self-serving blog posts (playing up the latest self-forged “accountability” fudge), have done nothing to dim the now widely held view that Facebook specifically, and social media in general, profits off of accelerated outrage.

Cries to that effect have only grown louder this year, two years on from revelations that Kremlin election propaganda maliciously targeting the U.S. presidential election had reached hundreds of millions of Facebook users, fueled by a steady stream of fresh outrages found spreading and catching fire on these “social” platforms.

Like so many self-hyping technologies, social media seems terribly deceptively named.

“Antisocial media” is, all too often, rather closer to the mark. And Zuckerberg, the category’s still youthful warlord, looks less “harshly pacifying Augustus” than modern day Ozymandias, forever banging on about his unifying mission while being drowned out by the sound and fury coming from the platform he built to programmatically profit from conflict.

And still the young leader longs for the mighty works he might yet do.

Look on my works, ye mighty…

For all the positive connections flowing from widespread access to social media tools (which of course Zuckerberg prefers to fix on), evidence of the tech’s divisive effects are now impossible for everyone else to ignore: Whether you look at the wildly successful megaphoning of Kremlin propaganda targeting elections and (genuine) communities by pot stirring across all sorts of identity divides; or algorithmic recommendation engines that systematically point young and impressionable minds toward extremist ideologies (and/or brain-meltingly ridiculous conspiracy theories) as an eyeball-engagement strategy for scaling ad revenue in the attention economy. Or, well, Brexit.

Whatever your view on whether or not Facebook content is actually influencing opinion, attention is undoubtedly being robbed. And the company has a long history of utilizing addictive design strategies to keep users hooked.

To the point where it’s publicly admitted it has an over-engagement problem and claims to be tweaking its algorithmic recipes to dial down the attention incursion. (Even as its engagement-based business model demands the dial be yanked back the other way.)

Facebook’s problems with fakery (“inauthentic content” in the corporate parlance) and hate speech — which, without the hammer blow of media-level regulation, is forever doomed to slip through Facebook’s one-size-fits-all “community standards” — are, it argues, merely a reflection of humanity’s flaws.

So it’s essentially asking to be viewed as a global mirror, and so be let off the moral hook. A literal vox populi — warts, fakes, hate and all.

It was never selling a fair-face, this self-serving, revisionist hot-take suggests; rather Facebook wants to be accepted as, at best, a sort of utilitarian plug that’s on a philanthropic, world-spanning infrastructure quest to stick a socket in everyone. Y’know, for their own good.

“It’s fashionable to treat the dysfunctions of social media as the result of the naivete of early technologists who failed to foresee these outcomes. The truth is that the ability to build Facebook-like services is relatively common,” wrote Cory Doctorow earlier this year in a damning assessment of the Facebook founder’s moral vacuum. “What was rare was the moral recklessness necessary to go through with it.”

Even now Zuckerberg is refusing the moral and ethical burden of editorial responsibility for the content his tools auto-publish and algorithmically amplify, every instant of every day, using proprietary information-shaping distribution hierarchies that accelerate machine-selected clickbait through the blood-brain barrier of 2.2 billion-plus users.

These algorithmically prioritized comms are positioned to influence opinion and drive intention at an unprecedented, global scale.

Asked by the New Yorker about the inflammatory misinformation peddled by InfoWars conspiracy theorist and hate speech “preacher,” Alex Jones, earlier this year, Zuckerberg’s gut instinct was to argue again to be let off the hook. “I don’t believe that it is the right thing to ban a person for saying something that is factually incorrect,” was his disingenuous response.

It was left to the journalist to point out InfoWars’ malicious disinformation is rather more than just factually incorrect.

Facebook has taken down some individual InfoWars videos this year, in its usual case by case style, where it deemed there was a direct incitement to violence. And in August it also pulled some InfoWars pages (“for glorifying violence, which violates our graphic violence policy, and using dehumanizing language to describe people who are transgender, Muslims and immigrants, which violates our hate speech policies”).

But it has certainly not de-platformed the professional purveyor of hateful conspiracy theories who sells supplements alongside his attention-grabbing lies.

One academic study, published two months ago, found much of the removed InfoWars content had managed to move “swiftly back” onto the Facebook platform. Like radio and silence, Facebook hates a content vacuum.

The problem is its own platform also sells stuff alongside attention-grabbing lies. So Jones is just the Facebook business model if it could pull on a blue suit and shout.

“Senator, we run ads”

It’s clear that Facebook’s adherence to a rules-based, reactive formula for assessing speech sets few if any meaningful moral standards. The company has also preferred to try offloading tricky decisions to third-party fact checkers and soon a quasi-external committee — a strategy that looks intended to sustain the suggestive lie that, at base, Facebook is just a “neutral platform.”

Yet Zuckerberg’s business is the business of influence itself. He admits as much. “Senator, we run ads,” he told Congress this April when asked how the platform turns a profit.

If the ads don’t work that’s an awful lot of money being pointlessly poured into Facebook’s coffers.

At the same time, the risk of malicious manipulation of Facebook’s machinery of mass manipulation is something the company claims it simply hadn’t thought of until very, very recently. 

That’s the official explanation for why senior executives failed to pay any mind to the tsunami of politically charged propaganda blooming across its U.S. platform, yet originating in Saint Petersburg and environs.

An astute political operator like Augustus was entirely alive to the risks of political propaganda. Hence making sure to keep a lid on domestic political opponents, while allowing them to let off steam in the Senate where a wider audience wouldn’t hear them.

Zuckerberg, by contrast, created the most effective tool for spreading propaganda the world has ever known without — so he claims — bothering to consider how people might use it.

That’s either radical stupidity or willful recklessness.

Zuckerberg implies the former. “I always believed people are basically good,” he wrote in his grandiose explainer on rethinking Facebook’s mission statement last year.

Though you’d think someone with a fascination for classical antiquity, and a special admiration for an emperor whose harsh trade-offs apparently included arranging the execution of his own grandson, might have found plenty to test that theory to a natural breaking point.

Safe to say, such a naive political mind wouldn’t have lasted long in Ancient Rome.

But Zuckerberg is no politician. He’s a new-age ad salesman with a crush on one of history’s canniest political operators — who happened to know the power and value of propaganda. And who also knew that propaganda could be deadly.

If you imagine Facebook’s platform as a modern day Acta Diurna — albeit, one updated continuously, delivered direct to citizens’ pockets, and with no single distributed copy ever being exactly the same — the organ is clearly not working toward any kind of societal order, crushing or otherwise.

Under Zuckerberg’s programmatic instruction, Facebook’s daily notices are selected for their capacity to emotionally tug at the individual. By design the medium agitates because the platform exists to trade attention.

It’s really the opposite of “civilization building.” Outrage and tribalism are grist to the algorithmic mill. It’s much closer to the tabloid news mantra — of “if it bleeds it leads.”

But Facebook goes further, using “free speech” as a cloaking mechanism to cross the ethical  line and conceal the ugly violence of a business that profits by ripping up the social compact.

The speech-before-truth philosophy underpinning Zuckerberg’s creation intrinsically works against the civic, community values he claims to champion. So at bottom, there’s yet another fake: no “global community” inside the walled garden, just a globally scaled marketing empire that’s had raging success in growing programmatic ad sales by tearing genuine communities apart.

Here confusion and anger reign.

The empire of Zuckerberg is a drear domain indeed.

Fake news of the 1640s

Might things have turned out differently for Facebook — and, well, for the world — if its founder had obsessed over a different period in history?

The English Civil War of the 1640s has much to recommend it as a study topic to those trying to understand and unpick the social impacts of the hyper modern phenomenon of social media, given the historical parallels of society turned upside during a moment of information revolution.

It might seen counterintuitive to look so far back in time to try to understand the societal impacts of cutting-edge communications technologies. But human nature can be surprisingly constant.

Internet platforms are also socio-technical tools, which means ignoring human behavior is a really dumb thing to do.

As the inventor of the World Wide Web, Tim Berners-Lee, said recently of modern day anthropogenic platforms: “As we’re designing the system, we’re designing society.”

The design challenge is all about understanding human behaviour — so you know how and where to place your ethical guardrails.

Rather than, per the Zuckerberg fashion, embarking on some kind of a quixotic, decade-plus quest to chase a grand unifying formula of IFTTT reaction statements to respond consistently to every possible human (and inhuman) act across the globe.

Mozilla’s Mitchell Baker made a related warning earlier this year, when she called for humanities and ethics to be baked into STEM learning, saying: “One thing that’s happened in 2018 is that we’ve looked at the platforms, and the thinking behind the platforms, and the lack of focus on impact or result. It crystallised for me that if we have Stem education without the humanities, or without ethics, or without understanding human behaviour, then we are intentionally building the next generation of technologists who have not even the framework or the education or vocabulary to think about the relationship of Stem to society or humans or life.”

What’s fascinating about the English Civil War to anyone interested in current day Internet speech versus censorship ethics trade-offs, is that in a similar fashion to how social media has radically lowered the distribution barrier for online speech, by giving anyone posting stuff online the chance of reaching a large audience, England’s long-standing regime of monarchical censorship collapsed in 1641, leading to a great efflorescence of speech and ideas as pamphlets suddenly and freely poured off printing presses.

This included an outpouring of radical political views from groups agitating for religious reforms, popular sovereignty, extended suffrage, common ownership and even proto women’s rights — laying out democratic concepts and liberal ideas centuries ahead of the nation itself becoming a liberal democracy.

But, at the same time, pamphlets were also used during the English Civil War period as a cynical political propaganda tool to whip up racial and sectarian hatred, most markedly in the parliament’s fight against the king.

Especially vicious hate speech was directed at the Irish. And historians suggest anti-Irish propaganda helped fuel the rampage that Cromwell’s soldiers went on in Ireland to crush the rebellion, having been fed a diet of violent claims in uncensored pamphlet print — such as that the Irish were killing and eating babies.

For a modern day parallel of information technology charging up ethnic hate you only have to look to Facebook’s impact in Myanmar where its platform was appropriated by military elements to incite genocide against the minority Rohingya population — leading to terrible human rights abuses in the modern era. There’s no shortage of other awful examples either.

“There are genuine atrocities in Ireland but suddenly the pamphleteers realise that this sells and suddenly you get a pornography of violence when everyone is rushing to put out these incredibly violent and unpleasant stories, and people are rushing to buy them,” says University of Southampton early modern history professor, Mark Stoyle, discussing the parliamentary pamphleteers’ evolving tactics in the English Civil War.

“It makes the Irish rebellion look even worse than it was. And it sort of raises even greater levels of bitterness and hostility towards the Irish. I would say those sorts of things had a very serious effect.”

Stoyle says pamphlets printed during the English Civil War period also revived superstitious beliefs in witchcraft, leading to an upsurge in prosecutions and killings on charges of witchcraft which had dipped in earlier years under tighter state controls on popular printed accounts of witch trials.

“Once the royal regime collapses, the king’s not there to stop people prosecuting witches, he’s not there to stop these pamphlets appearing. There’s a massive upsurge in pamphlets about witches and in no time at all there’s a massive upsurge in prosecutions of witches. That’s when Matthew Hopkins, the witchfinder general, kills several hundred men and women in East Anglia on charges of being witches. And again I think the civil war propaganda has helped to fuel that.”

If you think modern day internet platforms don’t have to worry about crazy superstitions like witchcraft and devil worship just Google “Frazzledrip” (a conspiracy theory that’s been racking up the views on YouTube this year which claims Hillary Clinton and longtime aide Huma Abedin sexually assaulted a girl and drank her blood). The Clinton-targeted viral “Pizzagate” conspiracy theory also combines bizarre claims of Satanic rituals with child abuse. None of which stopped it catching fire on social media.

Indeed, a whole host of ridiculous fictions are being algorithmically accelerated into wider view, here in the 21st (not the 17th) century.

And it’s internet platforms that rank speech above truth that are in the distribution saddle.

Stoyle, who has written a book on witchcraft and propaganda during the English Civil War, believes the worst massacre of the period was also fueled by political disinformation targeting the king’s female camp followers. Parliamentary pamphleteers wrote that the women were prostitutes. Or claimed they were Irish women who had killed English men and women in Ireland. There were also claims some were witches.

“One of these pamphlets describes the women in the king’s camp — just literally a week before the massacre — and it presents them all as prostitutes and it says something like ‘these women they revel in their hot blood and they deserve a hotter punishment’,” he tells us. “Just a week later they’re all cut down. And I don’t think that’s coincidence.”

In the massacre Stoyle says parliamentary soldiers set about the women, killing 100 and mutilating scores more. “This is just unheard of,” he adds.

The early modern period even had the equivalent of viral clickbait in pamphlet form when a ridiculous story about a dog owned by the king’s finest cavalry commander, prince Rupert, takes off. The poodle was claimed to be a witch in disguise which had invested Rupert with magical military powers — hence, the pamphlets proclaimed, his huge successes on the battlefield.

“In a time when we’ve got no pictures at all of some of the most important men and women in the country we’ve got six different pictures of prince Rupert’s dog circulating. So this is absolutely fake news with a vengeance,” says Stoyle.

And while parliamentarian pamphlet writers are generally assumed to be behind this particular sequence of Civil War fakes, Stoyle believes one particularly blatant pamphlet in the series — which claimed the dog was not only a witch but that the prince was having sex with it — is a doubly bogus hoax fake.

“I’m pretty certain now it was actually written by a royalist to poke fun at the parliamentarians for being so gullible and believing this stuff,” he says. “But like so many hoaxes it was a hoax that went wrong — it was done so well that most people who read it actually believed it. And it was just a few highly educated royalists who got the joke and laughed at it. And so in a way it was like a hoax that backfired horribly.

“A classic case of fake news biting the person who put it out in the bum.”

Of course this was also the prince’s dog pamphlet that got the most attention and “viral engagement” of the time, as other pamphlet writers picked up on it and started referencing it.

So again the lesson about clickbait economics is a very old one, if you only know where to look.

Fake news most certainly wasn’t suddenly born in 2016. Modern hoaxers like Jones (who has also been at it for far longer than two years) are just appropriating cutting-edge tech tools to plough a very old furrow.

Equally, it really shouldn’t be any kind of news flash that free speech can have a horribly dark side.

The overarching lesson of history is that propaganda is baked indelibly into the human condition. Speech and lies come wrapped around the same tongue.

The stark consequences that can flow from maliciously minded lies being crafted to move a particular audience are also writ large across countless history books.

So when Facebook says — caught fencing Kremlin lies — “we just didn’t think of that” it’s a truly illiterate response to an age-old problem.

And as the philosophical saying goes: Those who cannot remember the past are condemned to repeat it.

That’s really the most important history lesson of all.

“As humans we have this terrible ability to be angels and devils — to use things for wonderful purposes and to use things for terrible purposes that were never really intended or thought of,” says Stoyle, when asked whether, at a Facebook-level scale, we’re now seeing some of the limits of the benefits of free speech. “I’m not saying that the people who wrote some of these pamphlets in the Civil War expected it would lead to terrible massacres and killings but it did and they sort of played their part in that.

“It’s just an amazingly interesting period because there’s all this stuff going on and some of it is very dark and some of it’s more positive. And I suppose we’re quite well aware of the dark side of social media now and how it has got a tendency to let almost the worst human instincts come out in it. But some of these things were, I think, forces for good.”

‘Balancing angels and devils’ would certainly be quite the job description to ink on Zuckerberg’s business card.

“History teaches you to take all the evidence, weigh it up and then say who’s saying this, where does it come from, why are they saying it, what’s the purpose,” adds Stoyle, giving some final thoughts on why studying the past can provide a way through modern day information chaos. “Those are the tools that you need to make your way through this minefield.”

Monday was a tough day for the U.S. stock market, but Tesla shares were hit especially hard. The stock fell by 7.6 percent after Tesla cut the Model 3’s price in China and CEO Elon Musk promised to reimburse U.S. customers if they miss a tax credit deadline due to Model 3 shipment delays.

Reuters reported this weekend that the Model 3’s prices on Tesla’s China website had been reduced by up to 7.6 percent, with the starting price now at 499,000 RMB (about $72,000). This is the third time since November that Tesla has lowered the price of its vehicles in China.

The first was in November, when it slashed the price of Model X and Model S vehicles by 12 to 26 percent, stating that it was “absorbing a significant part of the tariff to help make cars more affordable for customers in China.” Then this month, Tesla cut Model X and Model S prices again, citing China’s decision to temporarily suspend a new 25 percent tariff on American-produced vehicles and auto parts as the two countries reached a ceasefire in the trade war.

In October, Tesla announced on its site that if U.S. customers needed to order a Model S, Model X, or Model 3 before October 15 if they wanted the full $7,500 federal tax credit, which begins to phase out once a manufacturer sells 200,000 qualifying vehicles in the U.S. (Tesla hit that milestone earlier this year). As a result, the federal tax vehicle will be cut 50 percent to $3,750 for vehicles delivered January 1 to June 30, 2019, before behing halved again on July 1.

On Sunday, Musk tweeted in response to a question that if a customer’s pre-December order isn’t delivered before the end of the year, Tesla will reimburse the tax credits they missed out on.

If Tesla committed delivery & customer made good faith efforts to receive before year end, Tesla will cover the tax credit difference

— Elon Musk (@elonmusk) December 22, 2018

After months of production and delivery delays, Tesla ramped up fulfillment of Model 3 orders in the third quarter of this year, when it delivered a total of 83,500 vehicles, including 55,840 Model 3 units.

The good times kept on rolling this year for Salesforce with all of the requisite ingredients of a highly successful cloud company — the steady revenue growth, the expanding product set and the splashy acquisitions. The company also opened the doors of its shiny new headquarters, Salesforce Tower in San Francisco, a testament to its sheer economic power in the city.

Salesforce, which set a revenue goal of $10 billion a few years ago is already on its way to $20 billion. Yet Salesforce is also proof you can be ruthlessly good at what you do, while trying to do the right thing as an organization.

Make no mistake, Marc Benioff and Keith Block, the company’s co-CEOs, want to make obscene amounts of money, going so far as to tell a group of analysts earlier this year that their goal by 2034 is to be a $60 billion company. Salesforce just wants to do it with a hint of compassion as it rakes in those big bucks and keeps well-heeled competitors like Microsoft, Oracle and SAP at bay.

A look at the numbers

In the end, a publicly traded company like Salesforce is going to be judged by how much money it makes, and Salesforce it turns out is pretty good at this, as it showed once again this year. The company grew every quarter by over 24 percent YoY and ended up the year with $12.53 billion in revenue. Based on its last quarter of $3.39 billion, the company finished the year on a $13.56 billion run rate.

This compares with $9.92 billion in total revenue for 2017 with a closing run rate of $10.72 billion.

Even with this steady growth trajectory, it might be some time before it hits the $5 billion-a-quarter mark and checks off the $20 billion goal. Keep in mind that it took the company three years to get from $1.51 billion in Q12016 to $3.1 billion in Q12019.

As for the stock market, it has been highly volatile this year, but Salesforce is still up. Starting the year at $102.41, it was sitting at $124.06 as of publication, after peaking on October 1 at $159.86. The market has been on a wild ride since then and cloud stocks have taken a big hit, warranted or not. On one particularly bad day last month, Salesforce had its worst day since 2016 losing 8.7 percent in value,

Spending big

When you make a lot of money you can afford to spend generously, and the company invested some of those big bucks when it bought Mulesoft for $6.5 billion in March, making it the most expensive acquisition it has ever made. With Mulesoft, the company had a missing link between data sitting on-prem in private data centers and Salesforce data in the cloud.

Mulesoft helps customers build access to data wherever it lives via APIs. That includes legacy data sitting in ancient data repositories. As Salesforce turns its eyes toward artificial intelligence and machine learning, it requires oodles of data and Mulesoft was worth opening up the wallet to provide the company with that kind of access to a variety of enterprise data.

But Mulesoft wasn’t the only thing Salesforce bought this year. It made five acquisitions in all. The other significant one came in July when it scooped up Dataorama for a cool $800 million, giving it a market intelligence platform.

What could be on board for 2019? If Salesforce sticks to its recent pattern of spending big one year, then regrouping the next, 2019 could be a slower one for acquisitions. Consider that it bought just one company last year after buying a dozen in 2016.

One other way to keep revenue rolling in comes from high-profile partnerships. In the past, Salesforce has partnered with Microsoft and Google, and this year it announced that it was teaming up with Apple. Salesforce also announced another high-profile arrangement with AWS to share data between the two platforms more easily. The hope with these types of cross pollination is that the companies can both increase their business. For Salesforce, that means using these partnerships as a platform to move the revenue needle faster.

Compassionate capitalism

Even while his company has made big bucks, Benioff has been preaching compassionate capitalism using Twitter and the media as his soap box.

He went on record throughout this year supporting Prop C, a referendum question designed to help battle San Francisco’s massive homeless problem by taxing companies with greater than $50 million in revenue — companies like Salesforce. Benioff was a vocal proponent of the idea, and it won. He did not find kindred spirits among some of his fellow San Francisco tech CEOs, openly debating Twitter CEO Jack Dorsey on Twitter.

Speaking about Prop C in an interview with Kara Swisher of Recode in November, Benioff talked in lofty terms about why he believed in the measure even though it would cost his company money.

“You’ve got to really be mindful and think about what it is that you want your company to be for and what you’re doing with your business and here at Salesforce, that’s very important to us,” he told Swisher in the interview.

He also talked about how employees at other tech companies were driving their CEOs to change their tune around social issues, including supporting Prop C, but Benioff had to deal with his own internal insurrection this year when 650 employees signed a petition asking him to rethink Salesforce’s contract with the U.S. Customs and Border Protection (CBP) in light of the current administration’s border policies. Benioff defended the contract, stating that that Salesforce tools were being used internally at CBP for staff recruiting and communication and not to enforce border policy.

Regardless, Salesforce has never lost its focus on meeting lofty revenue goals, and as we approach the new year, there is no reason to think that will change. The company will continue to look for new ways to expand markets and keep their revenue moving ever closer to that $20 billion goal, even as it continues to meld its unique form of compassion and capitalism.

‘Twas the night before Xmas, and all through the house, not a feature was stirring from the designer’s mouse . . . Not Twitter! Not Uber, Not Apple or Pinterest! On Facebook! On Snapchat! On Lyft or on Insta! . . . From the sidelines I ask you to flex your code’s might. Happy Xmas to all if you make these apps right.

Instagram

See More Like This – A button on feed posts that when tapped inserts a burst of similar posts before the timeline continues. Want to see more fashion, sunsets, selfies, food porn, pets, or Boomerangs? Instagram’s machine vision technology and metadata would gather them from people you follow and give you a dose. You shouldn’t have to work through search, hashtags, or the Explore page, nor permanently change your feed by following new accounts. Pinterest briefly had this feature (and should bring it back) but it’d work better on Insta.

Web DMs – Instagram’s messaging feature has become the defacto place for sharing memes and trash talk about people’s photos, but it’s stuck on mobile. For all the college kids and entry-level office workers out there, this would make being stuck on laptops all day much more fun. Plus, youth culture truthsayer Taylor Lorenz wants Instagram web DMs too.

Upload Quality Indicator – Try to post a Story video or Boomerang from a crummy internet connection and they turn out a blurry mess. Instagram should warn us if our signal strength is low compared to what we usually have (since some places it’s always mediocre) and either recommend we wait for Wi-Fi, or post a low-res copy that’s replaced by the high-res version when possible.

Oh, and if new VP of product Vishal Shah is listening, I’d also like Bitmoji-style avatars and a better way to discover accounts that shows a selection of their recent posts plus their bio, instead of just one post and no context in Explore which is better for discovering content.

Twitter

DM Search – Ummm, this is pretty straightforward. It’s absurd that you can’t even search DMs by person, let alone keyword. Twitter knows messaging is a big thing on mobile right? And DMs are one of the most powerful ways to get in contact with mid-level public figures and journalists. PS: My DMs are open if you’ve got a news tip — @JoshConstine.

Unfollow Suggestions – Social networks are obsessed with getting us to follow more people, but do a terrible job of helping us clean up our feeds. With Twitter bringing back the option to see a chronological feed, we need unfollow suggestions more than ever. It should analyze who I follow but never click, fave, reply to, retweet, or even slow down to read and ask if I want to nix them. I asked for this 5 years ago and the problem has only gotten worse. Since people feel like their feeds are already overflowing, they’re stingy with following new people. That’s partly why you see accounts get only a handful of new followers when their tweets go viral and are seen by millions. I recently had a tweet with 1.7 million impressions and 18,000 Likes that drove just 11 follows. Yes I know that’s a self-own.

Analytics Benchmarks – If Twitter wants to improve conversation quality, it should teach us what works. Twitter offers analytics about each of your tweets, but not in context of your other posts. Did this drive more or fewer link clicks or follows than my typical tweet? That kind of info could guide users to create more compelling content.

Facebook

(Obviously we could get into Facebook’s myriad problems here. A less sensationalized feed that doesn’t reward exaggerated claims would top my list. Hopefully its plan to downrank “borderline content” that almost violates its policies will help when it rolls out.)

Batched Notifications – Facebook sends way too many notifications. Some are downright useless and should be eliminated. “14 friends responded to events happening tomorrow”? “Someone’s fundraiser is half way to its goal?” Get that shit out of here. But there are other notifications I want to see but that aren’t urgent nor crucial to know about individually. Facebook should let us decide to batch notifications so we’d only get one of a certain type every 12 or 24 hours, or only when a certain number of similar ones are triggered. I’d love a digest of posts to my Groups or Events from the past day rather than every time someone opens their mouth.

Notifications In The “Time Well Spent” Feature – Facebook tells you how many minutes you spent on it each day over the past week and on average, but my total time on Facebook matters less to me than how often it interrupts my life with push notifications. The “Your Time On Facebook” feature should show how many notifications of each type I’ve received, which ones I actually opened, and let me turn off or batch the ones I want fewer of.

Oh, and for Will Cathcart, Facebook’s VP of apps, can I also get proper syncing so I don’t rewatch the same Stories on Instagram and Facebook, the ability to invite people to Events on mobile based on past invite lists of those I’ve hosted or attended, and the See More Like This feature I recommended for Instagram?

Uber/Lyft/Ridesharing

“Quiet Ride” Button – Sometimes you’re just not in the mood for small talk. Had a rough day, need to get work done, or want to just zone out? Ridesharing apps should offer a request for a quiet ride that if the driver accepts, you pay them an extra dollar (or get it free as a loyalty perk), and you get ferried to your destination without unnecessary conversation. I get that it’s a bit dehumanizing for the driver, but I’d bet some would happily take a little extra cash for their compliance.

“I Need More Time” Button – Sometimes you overestimate the ETA and suddenly your car is arriving before you’re ready to leave. Instead of cancelling and rebooking a few minutes later, frantically rushing so you don’t miss your window and get smacked with a no-show fee, or making the driver wait while they and the company aren’t getting paid, Uber, Lyft, and the rest should offer the “I Need More Time” button that simply rebooks you a car that’s a little further away.

Spotify/Music Streaming Apps

Scan My Collection – I wish I could just take photos of the album covers, spines, or even discs of my CD or record collection and have them instantly added to a playlist or folder. It’s kind of sad that after lifetimes of collecting physical music, most of it now sits on a shelf and we forget to play what we used to love. Music apps want more data on what we like, and it’s just sitting there gathering dust. There’s obviously some fun viral potential here too. Let me share what’s my most embarrassing CD. For me, it’s my dual copies of Limp Bizkit’s “Significant Other” because I played the first one so much it got scratched.

Friends Weekly – Spotify ditched its in-app messaging, third-party app platform, and other ways to discover music so its playlists would decide what becomes a hit in order to exert leverage over the record labels to negotiate better deals. But music discovery is inherently social and the desktop little ticker of what friends are playing on doesn’t cut it. Spotify should let me choose to recommend my new favorite song or agree to let it share what I’ve recently played most, and put those into a Discover Weekly-style social playlist of what friends are listening to.

Snapchat

Growth – I’m sorry, I had to.

Bulk Export Memories – But seriously, Snapchat is shrinking. That’s worrisome because some users’ photos and videos are trapped on its Memories cloud hosting feature that’s supposed to help free up space on your phone. But there’s no bulk export option, meaning it could take hours of saving shots one at a time to your camera roll if you needed to get off of Snapchat, if for example it was shutting down, or got acquired, or you’re just bored of it.

Add-On Cameras – Snapchat’s Spectacles are actually pretty neat for recording first-person or underwater shots in a circular format. But otherwise they don’t do much more, and in some ways do much less, than your phone’s camera and are a long way from being a Magic Leap competitor. That’s why if Snapchat really wants to become a “Camera Company”, it should build sleek add-on cameras that augment our phone’s hardware. Snap previously explored selling a 360-camera but never launched one. A little Giroptic iO-style 360 lens that attaches to your phone’s charging port could let you capture a new kind of content that really makes people feel like they’re there with you. An Aukey Aura-style zoom lens attachment that easily fits in your pocket unlike a DSLR could also be a hit

iOS

Switch Wi-Fi/Bluetooth From Control Center – I thought the whole point of Control Center was one touch access, but I can only turn on or off the Wi-Fi and Bluetooth. It’s silly having to dig into the Settings menu to switch to a different Wi-Fi network or Bluetooth device, especially as we interact with more and more of them. Control Center should unfurl a menu of networks or devices you can choose from.

Shoot GIFs – Live Photos are a clumsy proprietary format. Instagram’s Boomerang nailed what we want out of live action GIFs and we should be able to shoot them straight from the iOS camera and export them as actual GIFs that can be used across the web. Give us some extra GIF settings and iPhones could have a new reason for teens to choose them over Androids.

Gradual Alarms – Anyone else have a heart attack whenever they hear their phone’s Alarm Clock ringtone? I know I do because I leave my alarms on so loud that I’ll never miss them, but end up being rudely shocked awake. A setting that gradually increases the volume of the iOS Alarm Clock every 15 seconds or minute so I can be gently arisen unless I refuse to get up.

Maybe some of these apply to Android, but I wouldn’t know because I’m a filthy casual iPhoner. Send me your Android suggestions, as well as what else you want to see added to your favorite apps.

[Image Credit: Hanson Inc]

Many founders believe in the myth that the first steps of starting a business are the hardest: Attracting the first investment, the first hires, proving the technology, launching the first product and landing the first customer. Although those critical first steps are difficult, they are certainly not the most difficult on the arduous path of building an iconic company. As early and late-stage funding becomes more abundant, founders and their early VC backers need to get smarter about how to position their companies for a looming valley of death in-between. As we’ll learn below, it’s only going to get much, much harder before it gets easier.

There will be an abundance of capital at the two ends of the startup spectrum. At one end, hundreds of seed and micro VCs, each armed with dozens of $250,000-$1 million checks to write every year, are on the prowl for visionary founders with pedigrees and resumes. At the other end, behemoths like SoftBank, sovereigns, as well “early-stage” firms raising larger funds are seeking breakout companies ready for checks that are in the mid-tens to hundreds of millions. There will be a dearth of capital to grow companies from a kernel of a business, to becoming the clear market-defining leader. In fact, we’re already seeing deal volume decreasing significantly as dollars increase, likely evidence of larger checks going into fewer companies.

Founders should no longer assume that their all-star seed and Series A syndicates will guarantee a successful follow-on financing. Progress on recruiting and product development, though necessary, are no longer sufficient for B-rounds and beyond. Founders should be mindful that investors that specialize in leading $20-50 million rounds will have a plethora of well-funded, well-mentored, well-staffed startups with slick presentations, big visions and some early market traction from which to choose.

Today, there is far more capital chasing fewer quality companies. Fewer breakout companies and fear of missing out is making it easy to raise growth rounds with revenue growth, which may not be scalable or even reflective of an attractive business. This is creating false realities and prompting founders to raise big rounds at high prices — which is fine when there is an over-abundance of capital, but can cripple them when capital later becomes scarce. For example, not long ago, cleantech companies, armed with very preliminary sales, raised massive financings from VCs eager to back winners toward scaling into what they characterized as infinite demand. The reality is that the capital required to meet target economics was far greater and demand far smaller. As the private markets turned, access to cash became difficult and most faltered or were acquired for pennies on the dollar.

There is a likely future where capital grows scarce, and investors take a harder look at the underpinnings of revenue, growth and (dis)economies of scale.

What should startup leadership teams emphasize in an inevitable future where the $30 million rounds will be orders of magnitude harder than their $5 million rounds?

A business model representative of the big vision

Leadership teams put lots of emphasis on revenue. Unfortunately, revenue that’s not representative of the big vision is probably worse than no revenue at all. Companies are initially seeded with the expectation that the founding team can build and sell something. What needs to be proven is the hypothesis that the company can a) build a special product that b) is inexpensive to convince customers to pay for, and c) that those customers represent a massive market. It should be proven that it is unattractive for customers to switch to the inevitable copycats. It should be clear that over time, customers will pay more for additional features, and the cost of acquiring new customers will go down. Simply selling a product to customers that don’t represent that model is worse than not selling anything at all.

Recruiting talent that’s done it

Early founding teams are cognitively diverse individuals that can convince early investors that they can overcome the incredible odds of building a company that until now, shouldn’t have existed. They build a unique product, leveraging unique tools satisfying an unmet need. The early teams need to demonstrate the big vision, and that they can recruit the people that can make that vision a reality. Unfortunately, more founders struggle when it comes to recruiting people that have real experience reducing a technology to practice, executing on a product that customers want and charting the path to expand their market with improving unit economics. There are always exceptions of people that do the above for the first time at startups; however, most of today’s iconic startups knew what kind of talent they needed to execute and succeeded in bringing them on board. Who’s on your team?

Present metrics that matter

The attractive SaaS valuation multiples behoove all founders to apply its metrics to their businesses even if they aren’t really SaaS businesses. Sophisticated later-stage investors see right past that and dismiss numbers associated with metrics that are not representative. Semiconductors are about winning dedicated sockets in growing markets. Design tools are about winning and upselling seats in an industry that’s going to be hooked on those tools. Develop a clear understanding of how your business will be measured. Don’t inundate your investor with numbers; present a concise hypothesis for your unfair advantage in a growing market with your current traction being evidence to back it.

Find efficiencies by working in massive markets

“Pouring fuel on the fire” is a misleading metaphor that leads some into believing that capital can grow any business. That’s just as true as watering a plant with a fire hose or putting TNT in your Corolla’s gas tank: most business models and markets simply are not native to the much-sought-after venture growth profile. In fact, most later-stage startups that fail after raising large amounts of capital fail for this reason. Most markets are conducive to businesses with DIS-economies of scale, implying dwindling margins with scale, which is why many businesses are small, serving local, fragmented markets that technology alone cannot consolidate. How do your unit economics improve over time? What are the efficiencies generated by economies of scale? Is there a real network effect that drives these economies?

I expect today’s resourceful founders to seek partners, whether it’s employees, advisors or investors, to help them answer these questions. Together, these cognitively diverse teams will work together to accelerate past any metaphoric valley and build the iconic companies taking humanity to its fantastic future.  

Twas the last trading day before Christmas, and on the trading floor
Most stocks were falling, and then falling some more;
Treasury Secretary Steven Mnuchin all the banks had called,
In hopes that full coffers were still in their vaults;

The analysts were shaken by news of the call;
which initially caused the stock market to fall;
Then President Trump took to Twitter, to blame the Federal Reserve,
Which was something the Fed chairman just didn’t deserve

So banks and traders rushed to their phones with a clatter,
Causing stock market value further to shatter.
Markets don’t like decisions made in a flash,
And criticizing sound economic policy can exacerbate a crash.

Mnuchin made his call with banks from a tropical isle,
and analysts criticized his decision’s lack of guile,
They were more concerned with policy stupidity,
Since there’s already enough administrative volatility.
Like threatening to oust the chairman of the Federal Reserve,
Someone whose position it would be better to preserve.

So now the Dow has fallen some 653 points
And doctors may advise traders to light up their joints
Because U.S. indices are on track for their worst December
Since the 1930s, which almost no one alive remembers.

Tech companies have always branded themselves as the good guys. But 2018 was the year that the long-held belief that Silicon Valley is on the right side of progress and all things good was called into question by a critical mass.

As startups grow bigger and richer, amassing more power and influence outside of the Valley, a reckoning has played out in government and business. Mission statements like “connecting the world” and “don’t be evil” no longer hold water.

A look at a few of this year’s most impactful news themes underscore why; we’ve racked up too many examples to the contrary.

Android co-creator Andy Rubin’s $90 million payout and sexual misconduct revealed

Since the #MeToo movement opened the floodgates on the importance of fighting for gender equality and fair treatment of women and underrepresented minorities at a large scale, the tech industry was rightfully singled out as a microcosm for rampant misconduct.

In October, a New York Times investigation detailed how Android co-creator Andy Rubin was paid out a $90 million exit package when he left Google in 2014. At the time, Google concealed that the executive had multiple relationships with Google staffers and that credible accounts of sexual misconduct had been filed against him during his time at the company. It was an all-too-familiar story recounting how women in tech aren’t safe at work and misbehaved executives are immune from penalty. Google employees didn’t stand for it. 

At a rally in San Francisco, Google staffers read off their list of demands, which included an end to forced arbitration in cases of harassment and discrimination, a commitment to end pay and opportunity inequity, and a clear, inclusive process for reporting sexual misconduct safely and anonymously, reported Kate Clark.

Rubin has since taken leave from his smartphone company, Essential.

The first self-driving car fatality occurred when an Uber SUV struck and killed a woman in Arizona

In March, the first self-driving car fatality occurred in Tempe, Arizona when 49-year-old pedestrian Elaine Herzberg was struck by an Uber autonomous test SUV. The car was in self-driving mode, and there was a safety driver behind the wheel who failed to intervene.

Investigators determined the driver had looked down at a phone 204 times during a 43-minute test drive, and that the driver was streaming “The Voice”on Hulu, according to a police report released by the Tempe Police Department. Law enforcement determined her eyes were off the road for 3.67 miles of the 11.8 total miles driven, or about 31 percent of the time.

Uber paused all of its AV testing operations in Pittsburgh, Toronto, San Francisco and Phoenix as a result, and released a safety report detailing how it will add precautions to its testing of self-driving cars. Two employees will be required to sit in the front seat at all times, and an automatic braking system will be enabled.

The incident immediately raised questions about about insurance and liability, along with the investigation from the National Transportation Safety Board. As mobility companies charge full speed ahead in developing solutions that will shape the future of urban transportation, tragedies like this remind us that while AVs and humans share the roads, these programs are rife with risk. Has Uber learned a lesson? We’ll find out soon, as the company received permission by the state of Pennsylvania to resume autonomous vehicle testing.

Jamal Khashoggi was assassinated by Saudi agents, prompting Silicon Valley to think about how it got so rich

Silicon Valley companies are used to getting away with a lot. Larger orgs like Uber, Tesla and Facebook rotate in and out of the hot seat as security breaches wreak havoc and sexual harassment scandals are exposed, only to be washed out of the news cycle by a viral image of Elon Musk sampling marijuana the next day.

But one story shocked the public for weeks, after agents of the Saudi government assassinated Washington Post columnist Jamal Khashoggi at the Saudi Arabian consulate in Istanbul as he was trying to obtain marriage license papers.

The tech industry was collectively upset by its proximity to a government and funding source that blatantly misused its power. Silicon Valley gets most of its money through SoftBank’s Vision Fund and by proxy the Saudi kingdom. About half of SoftBank’s massive $93 billion tech-focused fund is powered by a $45 billion commitment from the Saudi kingdom. This means the total invested by the kingdom alone into U.S. startups is far greater than the total raised by any single VC fund. Did we see a single example of a startup that refused to work with SoftBank in the aftermath? No. Will we? Probably not. Because Silicon Valley players are mostly only political and activist when it’s convenient for them.

Silicon Valley companies who’ve accepted money from this source have a vested interest in keeping the peace with Saudi Arabia and its Crown Prince Mohammed bin Salman – the leader known for getting friendly with tech CEOs in the past. But where does this leave us now as Saudi Arabian money continues to distort American venture? SoftBank has sustained countless startups with round after round of funding as it plunges into debt.

With SoftBank money inflating round sizes and therefore valuations, tech founders and CEOs are faced with the age-old question of whether or not it’s okay to use dirty money to do “good things.” SoftBank’s 2018 culminated in a record IPO that saw a 15 percent drop in value on its debut. Regardless, the aftermath of the Khashoggi assassination could signify the end of an era in American venture if founders begin to think critically about the source of their funding – and act on it. 

Facebook’s struggle

Facebook’s 2018 kicked off with Zuckerberg’s wishful, vague post about his personal challenge to “fix Facebook.” The social network bowed out of 2017 with critics saying Zuckerberg hadn’t done enough to combat the proliferation of fake news on Facebook or block Russian interference in the 2016 U.S. election. Online abuse had never been so bad. All of this was happening just as people started to realize that mindlessly browsing the newsfeed – Facebook’s core product – is a total waste of time.

What better timing for not one, but two massive security scandals?

Zuckerberg answered to Congress after Facebook was infiltrated by Cambridge Analytica, a data organization with ties to the Trump administration. In the beginning of 2014, the organization obtained data on 50 million Facebook users in a way that deceived both the users and Facebook itself. 

If that weren’t enough, just months later Facebook revealed at least 30 million users’ data were confirmed to be at risk after attackers exploited a vulnerability allowing them access to users’ personal data. Zuckerberg said that the attackers were using Facebook developer APIs to obtain information, like “name, gender, and hometowns” linked to a user’s profile page. Queue #deleteFacebook. 

A Pew report detailed how Facebook users are becoming more cautious and critical, but they still can’t quit. News and social networking are like oil and water — they can’t blend into coexistence on the same news feed. In 2018, Facebook was caught in a perfect storm. Users started to understand Facebook for what it actually is: powered by algorithms that coalesce fact, opinion and malicious fake content on a platform designed to financially profit off the addictive tendencies of its users. The silver lining is that as people become more cautious and critical of Facebook, the market is readying itself for a new, better social network to be designed off the pioneering mistakes of its predecessors.

Apple hits a $1 trillion market cap and celebrates the anniversary of the iPhone with design changes

This was a hardware-heavy year for Apple. The MacBook Air got Retina Display. The Apple Watch got a big redesign. The iPad Pro said farewell to the home button. We met the new mac Mini and an updated Apple Pencil. In September, Apple held its annual hardware event in Cupertino to announce three new iPhone models, the XS (the normal one), XR (the cheap one) and the XS Max (the big one). We also learned that the company went back to the drawing board on the Mac Pro.

In August, Apple won the race to $1 trillion in market cap. It wasn’t the frayed cords or crappy keyboards that boosted the company past this milestone, but rather price hikes in its already high-margin iPhone sales. But while Apple remains wildly profitable, growth is slowing notably.

Tech stocks took a beating toward the end of the year, and although Apple seems to have weathered the storm better than most companies, it may have reached a threshold for how much it can innovate on its high-end hardware. It may be wise for the company to focus on other methods of bringing in revenue like Apple Music and iCloud if it wants to shoot for the $2 trillion market cap.

As the biggest, richest companies get bigger and richer, questions about antitrust and regulation rise to ensure they don’t hold too much economic power. Tim Cook has more authority than many political leaders. Let’s hope he uses it for good.

Tesla CEO Elon Musk sued by the SEC for securities fraud

In August, Tesla CEO Elon Musk announced in a tweet heard around the internet that he was considering taking Tesla private for $420 per share and that he’d secured funding to do so. The questioning started. Was it legit? Was it a marijuana joke? The tweet caused Tesla’s stock price to jump by more than 6 percent on August 7. Musk also complained that being a public company “subjects Tesla to constant defamatory attacks by the short-selling community, resulting in great harm to our valuable brand.”

Turns out, Musk had indeed met with representatives from the Saudi sovereign wealth fund, and that the fund’s lead rep told Musk that they’d bought about 5 percent of Tesla’s stock at a stake worth $2 billion, were interested in taking the company private and confirmed that this rep had the power to make these kinds of investment decisions for the fund. However nothing was written on paper, and Musk did not notify the Nasdaq – an important requirement.

At the end of September, the SEC filed a lawsuit against Musk for securities fraud in regards to his “false and misleading” tweets, seeking to remove him from Tesla. Musk settled with the SEC two days after being charged, resigning from his chairman position but remaining CEO. Musk and Tesla were also ordered to pay separate $20 million fines to “be distributed to harmed investors under a court-approved process,” according to the SEC.

Public companies are supposed to value the interests of their shareholders. Pulling the trigger on an impulsive tweet breaks that trust – and in Musk’s case, cost $40 million and a board seat. This is why we should never put too much fear or faith in our leaders. Musk is brilliant and his inventions are changing the world. But he is human and humans are flawed and the Tesla board should have done more to balance power at the top. 

The great Amazon HQ2 swindle

Tech jobs bring new wealth to cities. Amazon set out on a roadshow across America in what the company described as a search for its second headquarters, or “HQ2.” The physical presence of Amazon’s massive retail and cloud businesses would undoubtedly bring wealth, innovation, jobs and investment into a region.

There was initial hope that the retail giant would choose a city in the American heartland, serving as a catalyst for job growth in a burgeoning tech hub like Columbus, Ohio, Detroit, Mich., or Birmingham, Ala. But in the end, Amazon split the decision between two locations: New York (Long Island City) and Arlington, Virginia, as the sites for its new offices. The response? Outrage.

Jon Shieber noted that cities opened their books to the company to prove their viability as a second home for the retailing giant. In return, Amazon reaped data on urban and exurban centers that it could use to develop the next wave of its white-collar office space, and more than $2 billion worth of tax breaks from the cities that it will eventually call home for its new offices.

Danny Crichton argued that Amazon did exactly what it should have with its HQ2 process. Crichton wrote that Amazon is its own entity and therefore has ownership of its decisions. It allowed cities to apply and provide information on why they might be the best location for its new headquarters. Maybe the company ignored all of the applications. Maybe it was a ploy to collect data. Maybe it wanted publicity. Regardless, it allowed input into a decision it has complete and exclusive control over.

Let’s hope that in 2019, Silicon Valley will hold on to some of its ethos as a venture funded sandbox for brilliant entrepreneurs who want to upend antiquated industries with proprietary tech inventions. But let it be known that sleeping at the wheel while your company gets breached, turning a blind eye to the evildoings of your largest funding sources and executive immunity from sexual misconduct violations no longer have their place here.