‘Perfect Storm’ of Conditions Helped Cyberattack Succeed

The cyberextortion attack hitting dozens of countries spread quickly and widely thanks to an unusual confluence of factors: a known and highly dangerous security hole in Microsoft Windows, tardy users who didn’t apply Microsoft’s March software fix, and a software design that allowed the malware to spread quickly once inside university, business and government networks.

Not to mention the fact that those responsible were able to borrow weaponized software code apparently created by the U.S. National Security Agency to launch the attack in the first place.

Other criminals may be tempted to mimic the success of Friday’s “ransomware” attack, which locks up computers and holds people’s files for ransom. Experts say it will be difficult for them to replicate the conditions that allowed the so-called WannaCry ransomware to proliferate across the globe.

But we’re still likely to be living with less virulent variants of WannaCry for some time. And that’s for a simple reason: Individuals and organizations alike are fundamentally terrible about keeping their computers up-to-date with security fixes.

The worm

One of the first “attacks” on the internet came in 1988, when a graduate student named Robert Morris Jr. released a self-replicating and self-propagating program known as a “worm” onto the then-nascent internet. That program spread much more quickly than expected, soon choking and crashing machines across the internet.

The Morris worm wasn’t malicious, but other nastier variants followed — at first for annoyance, later for criminal purposes, such as stealing passwords. But these worm attacks became harder to pull off as computer owners and software makers shored up their defenses.

So criminals turned to targeted attacks instead to stay below the radar. With ransomware, criminals typically trick individuals into opening an email attachment containing malicious software. Once installed, the malware just locks up that computer without spreading to other machines.

The hackers behind WannaCry took things a step further by creating a ransomware worm, allowing them to demand ransom payments not just from individuals but from entire organizations — maybe even thousands of organizations.

Perfect storm

Once inside an organization, WannaCry uses a Windows vulnerability purportedly identified by the NSA and later leaked to the internet. Although Microsoft released fixes in March, the attackers counted on many organizations not getting around to applying those fixes. Sure enough, WannaCry found plenty of targets.

Since security professionals typically focus on building walls to block hackers from entering, security tends to be less rigorous inside the network. WannaCry exploited common techniques employees use to share files via a central server.

“Malware that penetrates the perimeter and then spreads inside the network tends to be quite successful,” said Johannes Ullrich, director of the Internet Storm Center at the SANS Institute.

Persistent infections

“When any technique is shown to be effective, there are almost always copycats,” said Steve Grobman, chief technology officer of McAfee, a security company in Santa Clara, California. But that’s complicated, because hackers need to find security flaws that are unknown, widespread and relatively easy to exploit.

In this case, he said, the NSA apparently handed the WannaCry makers a blueprint — pre-written code for exploiting the flaw, allowing the attackers to essentially cut and paste that code into their own malware.

Mikko Hypponen, chief research officer at the Helsinki-based cybersecurity company F-Secure, said ransomware attacks like WannaCry are “not going to be the norm.” But they could still linger as low-grade infections that flare up from time to time.

For instance, the Conficker virus, which first appeared in 2008 and can disable system security features, also spreads through vulnerabilities in internal file sharing. As makers of anti-virus software release updates to block it, hackers deploy new variants to evade detection.

Conficker was more of a pest and didn’t do major damage. WannaCry, on the other hand, threatens to permanently lock away user files if the computer owner doesn’t pay a ransom, which starts at $300 but goes up after two hours.

The damage might have been temporarily contained. An unidentified young cybersecurity researcher claimed to have helped halt WannaCry’s spread by activating a so-called “kill switch.” Other experts found his claim credible. But attackers can, and probably will, simply develop a variant to bypass this countermeasure.

Fighting back

The attack is likely to prompt more organizations to apply the security fixes that would prevent the malware from spreading automatically. “Talk about a wake-up call,” Hypponen said.

Companies are often slow to apply these fixes, called patches, because of worries that any software change could break some other program, possibly shutting down critical operations.

“Whenever there is a new patch, there is a risk in applying the patch and a risk in not applying the patch,” Grobman said. “Part of what an organization needs to understand and assess is what those two risks are.”

Friday’s attack might prompt companies to reassess the balance. And while other attackers might use the same flaw, such attacks will be steadily less successful as organizations patch it.

Microsoft took the unusual step late Friday of making free patches available for older Windows systems, such as Windows XP from 2001. Before, Microsoft had made such fixes available only to mostly larger organizations that pay extra for extended support, yet millions of individuals and smaller businesses still had such systems.

But there will be other vulnerabilities to come, and not all of them will have fixes for older systems. And those fixes will do nothing for newer systems if they aren’t installed.

Don’t Click: What Is the ‘Ransomware’ WannaCry Worm?

Malicious software called “ransomware” has forced British hospitals to turn away patients and affected Spanish companies such as Telefonica as part of a global outbreak that has affected tens of thousands of computers.

How does it work?

WannaCry — also known as WanaCrypt0r 2.0, WannaCry and WCry — is a form of “ransomware” that locks up the files on your computer and encrypts them so that you can no longer access them.

How does it spread?

Ransomware is a program that gets into your computer, either when you click on the wrong thing or when you download the wrong thing, and then holds something you need to ransom.

In the case of WannaCry, the program encrypts your files and demands payment in bitcoin in order to regain access.

Security experts warn there is no guarantee that access will be granted after payment. Some ransomware that encrypts files ups the stakes after a few days, demanding more money and threatening to delete files altogether.

There are different variants of what happens: Other forms of ransomware execute programs that can lock your computer entirely, only showing a message to make payment in order to log in again. There are some that create pop-ups that are difficult or impossible to close, rendering the machine difficult or impossible to use.

Where has it spread?

British-based cyber researcher Chris Doman of AlienVault said the ransomware “looks to be targeting a wide range of countries,” with initial evidence of infections in at least two dozen nations, according to experts from three security firms.

The broad-based ransomware attack has appeared in at least eight Asian nations, a dozen countries in Europe, Turkey, the United Arab Emirates and Argentina, and appears to be sweeping around the globe, researchers said.

What is so special about WannaCry?

WannaCry is not just a ransomware program, it is also a worm.

This means that it gets into your computer and looks for other computers to try and spread itself as far and wide as possible.

Ransomware has a habit of mutating, so it changes over time in order to find different ways to access computers or to get around patches (operating system updates that often include security updates). Many security firms are already aware of WannaCry in past forms and most are looking at this one right now to see how it might be stopped.

Several cybersecurity firms said WannaCry exploits a vulnerability in Microsoft software and that Microsoft patched it in March. People don’t always install updates and patches on their computers, which means vulnerabilities can remain open a lot longer and make it easier for hackers to get in.

It exploited a vulnerability in the Windows operating system using a hacking tool believed to have been developed by the National Security Agency, which became public last month. The tool was among a large number of hacking tools and other files that a group known as the Shadow Brokers released on the internet. Shadow Brokers said that they obtained it from a secret NSA server.

The identity of Shadow Brokers is unknown, though many security experts believe the group that surfaced in 2016 is linked to the Russian government.

The NSA and Microsoft did not immediately respond to requests for comment.

Is Human Behavior Impeding Self-Driving Cars?

Most technology experts agree that self-driving cars will soon finish the testing phase and enter the commercial market, probably as taxis and delivery vehicles. But some of them wonder if the cars’ artificial brains will be able to cope with the human propensity to bend the traffic rules. VOA’s George Putic reports.

What You Need to Know About Ransomware

An aggressive wave of cyberattacks hit companies and public institutions around the globe Friday, causing international havoc and bringing many services to a standstill. Computers were locked up and users’ files held for ransom when dozens of countries were hit in a cyberextortion attack that targeted hospitals, companies and government agencies.

What is ransomware?

Ransomware is a type of malware that attempts to extort a computer user for money. In some cases, the ransomware encrypts certain files and holds them hostage. In other cases, as happened Friday, it locks a user out of their entire computer system until a ransom is paid. Some ransomware that encrypts files increases the stakes after a few days, demanding more money and threatening to delete files altogether.

Steps of ransomware infection

A ransomware infection usually takes these five steps.

1. The user downloads malware from an infected website or email.

2. The initial malware hijacks the user’s browser and redirects it to a malicious site.

3. Part of the malware, called an exploit kit, looks for vulnerabilities in the user’s system.

4. Once a vulnerability is found, a malicious payload is downloaded onto the victim’s computer.

5. Then the malware calls home with sensitive data from the user’s computer. In the case of ransomware, the malware attempts to extort the user for money.

The ransomware program that spread Friday is not just malware, it is also a worm. This means that the malware gets into a computer and looks for other computers to try and spread itself as far as possible.

Do ransomware attacks generate money for the hackers?

Yes, they can. A hospital system in Los Angeles paid about $17,000 earlier this year following an attack that blocked hospital employees from using email and other forms of electronic communication by using encryption to lock them out of the system. The hackers even set up a help line to answer questions about paying the ransom.

Security industry experts say such attacks are becoming more prevalent, but are rarely made public.

How is the NSA involved?

The hackers appear to have used a technique that was discovered by the National Security Agency and was leaked online in April by a group calling itself the Shadow Brokers.

The malware is exploiting a flaw in Microsoft software. Microsoft created a patch to fix the flaw earlier this year, but not all businesses have updated their operating systems.

Who carried out the attack?

Investigators are pursuing information, but have not said if they have any strong leads. Officials say they believe the attack is the work of criminals and not a foreign government. The original hacking tool was apparently stolen from the NSA and leaked online by the Shadow Brokers, but officials do not know who that group is or whether they carried out this attack.

How to keep your computer safe

Microsoft released a patch in March that fixes the specific vulnerability exploited in this attack. The U.S. Department of Homeland Security is urging people to take three steps.

1. Update your systems to include the latest patches.

2. Do not click on or download unfamiliar links or files in emails.

3. Back up your data to prevent possible loss.

Companies Affected by Global Cyber Attack

A global cyber attack on Friday affected British hospitals, government agencies and companies in 99 countries, with Russia, Ukraine and Taiwan the top targets, security software maker Avast said.

Hacking tools widely believed by researchers to have been developed by the U.S. National Security Agency that were leaked online last month appear to have been leveraged to launch the attacks.

Around 1,000 computers at the Russian Interior Ministry were affected by the cyber attack, a spokeswoman for the ministry told Interfax.

Some of the companies affected:

FedEx Corp

Telefonica SA

Portugal Telecom

Telefonica Argentina

Syrian Refugees Earn Money, Cultivate Understanding, Teaching Arabic Online

A handful of New Yorkers have gathered at New York University to practice conversing in Arabic. Their two conversation partners have joined via Skype, video images projected side-by-side on a TV monitor.

The scene would be nothing out of the ordinary, save for the fact that the conversation partners, Ghayath and Rasha, are recently displaced Syrian refugees.

They are among some 50 refugees working with NaTakallam, a New York startup that pairs Arabic language learners, most based in the U.S., with displaced Syrians for paid, one-on-one conversation practice sessions over Skype.

NaTakallam sessions have garnered more than $110,000 for refugee instructors since launching in August 2015, according to the startup. Instructors keep $10 of the $15 paid by students for a one hour session. For the many Syrian refugees who must often start over and adjust to life in entirely new countries, the earnings supplement work that is already difficult to secure.

The idea for NaTakallam (Arabic for “we speak”) grew out of Aline Sara’s desire to improve her own Arabic speaking skills as a Lebanese-American. “The opportunities to practice Arabic were . . . kind of limited in New York, or extremely expensive for what I could afford at the time,” said the startup founder and CEO.

Typical Arabic classes also tend to teach Modern Standard Arabic, which Sara describes as “a Shakespearean version” of Arabic. “You don’t speak that way in your day-to-day activities,” she said. Conversational sessions provide the opportunity to practice regional dialects of the language. Most Syrians speak Levantine Arabic, one of the most widely understood dialects among Arabic speakers.

Instructors

For instructors like Ghayath, a Syrian refugee who has resettled in Italy, the language sessions are also an opportunity for cultural exchange. “We choose to speak together about daily life, about their interests, about my life, their life … the news.”

“I always say NaTakallam is my window to the world, because I travel every day through this small screen,” he added.

Students sign on for a variety of reasons, whether they’re studying related subjects such as political science, history or journalism or are part of the Arab diaspora and hoping to improve their native language skills. Other students may be tourists preparing for a trip abroad. Ghayath assesses each student’s particular language needs and tailors lessons accordingly.

Beyond the financial independence NaTakallam offers, Sara stresses the importance of bringing awareness and understanding to refugee communities.

“We’re always talking about refugees en masse. We don’t take the time to individualize them, to humanize them. This is a direct way,” said Sara. “You’re connecting in a one-on-one setting, people get to know each other. I think it’s very powerful.”

 

Dutch Inventor Years Ahead in Plan to Clean Up Massive Plastic Patch in Pacific

A Dutch entrepreneur has come up with an invention he says will allow him to start cleaning up a massive floating garbage patch in the Pacific two years ahead of schedule.

“To catch the plastic, act like plastic,” Boyan Slat said Thursday in Utrecht.

Slat’s Ocean Cleanup foundation plans to scoop up most of the Great Pacific Garbage Patch — a gargantuan floating island of plastic between the U.S. states of Hawaii and California.

When he discovered that his original plan of attaching large barriers to the sea floor to trap the plastic would not work, Slat devised a different plan.

The barriers will instead be weighed down by floating anchors and travel in the same sea currents as the garbage, trapping it.

Slat says the new plan will allow him to start collecting the trash within a year — two years ahead of schedule.

The young entrepreneur’s system is making waves among America’s super-rich philanthropists. Last month, his foundation announced it had raised $21.7 million in donations since November, clearing the way for large-scale trials at sea. Among donors were Salesforce.com CEO Marc Benioff and PayPal co-founder Peter Thiel.

 

Nancy Wallace, director of the Marine Debris Program at the U.S. National Oceanic and Atmospheric Administration, said much of the garbage in the world’s oceans is found throughout the water column — at different depths. That would likely put some of it out of reach of Slat’s barriers.

 

However, she applauded The Ocean Cleanup for bringing the issue to a broad public.

 

“The more people are aware of it, the more they will be concerned about it,” Wallace said. “My hope is that the next step is to say ‘what can I do to stop it?’ and that’s where prevention comes in.”

The Great Pacific Garbage Patch is not just an ugly reminder of a throwaway human society — it is also a danger to sea life and humans. Tiny bits of plastic can find their way into the food chain.

Ocean Cleanup says 8 million tons of plastic wind up in the seas every year. One piece of plastic can take decades to break down.

Slat on Thursday brought out an intact plastic crate fished from the Pacific last year. The date 1977 was stamped on it.

Some information for this report from AP.

What’s Holding Back Self-driving Cars? Human Drivers

In just a few years, well-mannered self-driving robotaxis will share the roads with reckless, law-breaking human drivers. The prospect is causing migraines for the people developing the robotaxis.

A self-driving car would be programmed to drive at the speed limit. Humans routinely exceed it by 10 to 15 mph (16 to 24 kph) — just try entering the New Jersey Turnpike at normal speed. Self-driving cars wouldn’t dare cross a double yellow line; humans do it all the time. And then there are those odd local traffic customs to which humans quickly adapt.

 

In Los Angeles and other places, for instance, there’s the “California Stop,” where drivers roll through stop signs if no traffic is crossing. In Southwestern Pennsylvania, courteous drivers practice the “Pittsburgh Left,” where it’s customary to let one oncoming car turn left in front of them when a traffic light turns green. The same thing happens in Boston. During rush hours near Ann Arbor, Michigan, drivers regularly cross a double-yellow line to queue up for a left-turn onto a freeway.

 

“There’s an endless list of these cases where we as humans know the context, we know when to bend the rules and when to break the rules,” said Raj Rajkumar, a computer engineering professor at Carnegie Mellon University who leads the school’s autonomous car research.

 

Although autonomous cars are likely to carry passengers or cargo in limited areas during the next three to five years, experts say it will take many years before robotaxis can coexist with human-piloted vehicles on most side streets, boulevards and freeways. That’s because programmers have to figure out human behavior and local traffic idiosyncrasies. And teaching a car to use that knowledge will require massive amounts of data and big computing power that is prohibitively expensive at the moment.

 

“Driverless cars are very rule-based, and they don’t understand social graces,” said Missy Cummings, director of Duke University’s Humans and Autonomy Lab.

 

Driving customs and road conditions are dramatically different across the globe, with narrow, congested lanes in European cities, and anarchy in Beijing’s giant traffic jams. In India’s capital, New Delhi, luxury cars share poorly marked and congested lanes with bicycles, scooters, trucks, and even an occasional cow or elephant.

 

Then there is the problem of aggressive humans who make dangerous moves such as cutting cars off on freeways or turning left in front of oncoming traffic. In India, for example, even when lanes are marked, drivers swing from lane to lane without hesitation.

 

Already there have been isolated cases of human drivers pulling into the path of cars such as Teslas, knowing they will stop because they’re equipped with automatic emergency braking.

 

“It’s hard to program in human stupidity or someone who really tries to game the technology,” says John Hanson, spokesman for Toyota’s autonomous car unit.

 

Kathy Winter, vice president of automated driving solutions for Intel, is optimistic that the cars will be able to see and think like humans before 2030.

 

Cars with sensors for driver-assist systems already are gathering data about road signs, lane lines and human driver behavior. Winter hopes auto and tech companies developing autonomous systems and cars will contribute this information to a giant database.

 

Artificial intelligence developed by Intel and other companies eventually could access the data and make quick decisions similar to humans, Winter says.

 

Programmers are optimistic that someday the cars will be able to handle even Beijing’s traffic. But the cost could be high, and it might be a decade or more before Chinese regulators deem self-driving cars reliable enough for widespread public use, said John Zeng of LMC Automotive Consulting.

 

Intel’s Winter expects fully autonomous cars to collect, process and analyze four terabytes of data in 1½ hours of driving, which is the average amount a person spends in a car each day. That’s equal to storing over 1.2 million photos or 2,000 hours of movies. Such computing power now costs over $100,000 per vehicle, Zeng said. But that cost could fall as more cars are built.

 

Someday autonomous cars will have common sense programmed in so they will cross a double-yellow line when warranted or speed up and find a gap to enter a freeway. Carnegie Mellon has taught its cars to handle the “Pittsburgh Left” by waiting a full second or longer for an intersection to clear before proceeding at a green light. Sensors also track crossing traffic and can figure out if a driver is going to stop for a sign or red light. Eventually there will be vehicle-to-vehicle communication to avoid crashes.

 

Still, some skeptics say computerized cars will never be able to think exactly like humans.

 

“You’ll never be able to make up a person’s ability to perceive what’s the right move at the time, I don’t think,” said New Jersey State Police Sgt. Ed Long, who works in the traffic and public safety office.

China Simulates Extended Moon Stays Amid Space Drive

China is testing the ability for future astronauts to stay on the moon for extended periods, as Beijing accelerates its space program and looks to put people on the surface of the moon within the next two decades.

The official Xinhua news agency said volunteers would live in a “simulated space cabin” for between 60 and 200 days over the next year, helping scientists understand what will be needed for humans to “remain on the moon in the medium and long terms”.

Chinese President Xi Jinping has called for China to become a global power in space exploration, with plans to send a probe to the dark side of the moon by 2018, the first ever such trip, and to put astronauts on the moon by 2036.

“While it remains unclear exactly how long China’s first lunar explorers will spend on the surface, the country is already planning for longer stays,” Xinhua said.

Two groups of four volunteers will live in the simulated cabin “Yuegong-1” to test how a life-support system works in a moon-like environment. A similar 105-day trial was carried out successfully in 2014.

The system, called the Bioregenerative Life Support System (BLSS), allows water and food to be recycled and is key to any Chinese probes to the moon or beyond.

“The latest test is vital to the future of China’s moon and Mars missions and must be relied upon to guarantee the safety and health of our astronauts,” Liu Zhiheng of the Chinese Academy of Sciences told the news agency.

The Yuegong-1 cabin has a central living space the size of a “very small urban apartment” and two “greenhouses” for plants.

In March, China announced plans to launch a space probe to bring back samples from the moon this year, while the country’s first cargo space craft docked with an orbiting space lab in April, a major step as Beijing looks to establish a permanently manned space station by 2022.

Despite the advances in China’s space program for military, commercial and scientific purposes, China still lags behind the United States and Russia.

Amazon Trounces Rivals in Battle of the Shopping ‘Bots’

Earlier this year, engineers at Wal-Mart Stores Inc. who track rivals’ prices online got a rude surprise: the technology they were using to check Amazon.com several million times a day suddenly stopped working.

Losing access to Amazon.com Inc.’s data was no small matter. Like most big retailers, Wal-Mart relies on computer programs that scan prices on competitors’ websites so it can adjust its listings accordingly. A difference of even 50 cents can mean losing a sale.

But a new tactic by Amazon to block these programs — known commonly as robots or bots — thwarted the Bentonville, Arkansas-based retailer.

Its technology unit, @WalmartLabs, was unable to work around the blockade for weeks, forcing it to retrieve Amazon’s data through a secondary source, according to a person familiar with the matter who was not authorized to speak publicly.

The previously unreported incident offers a case study in how Amazon’s technological prowess is helping it dominate the retail competition.

Now the largest online retailer in the world, Amazon is best known by consumers for its fast delivery, huge product catalog and ambitious moves into areas like original TV programming. But its mastery of the complex, behind-the-scenes technologies that power modern e-commerce is just as important to its success.

Dexterity with bots allows Amazon not only to see what its rivals are doing, but increasingly to keep them in the dark when it undercuts them on price or is quietly charging more.

“Benchmarking against Amazon is going to become hard,” said Guru Hariharan, a former Amazon manager who now sells pricing software to retailers as chief executive of Mountain View, California-based Boomerang Commerce.

A Wal-Mart spokesman declined to discuss the January episode but said the company improves its technology regularly and has multiple tools for tracking items. He said the company offers value not only through pricing but from discounts for in-store pickup and other benefits.

A spokeswoman for Amazon said the company is aware of competitors using bots to check its listings and denied any “campaign” to stop them. “Nothing has changed recently in how we manage bots on our site,” she said. Still, she said, “we prioritize humans over bots as needed.”

Bots can slow down a website, a big motivator for retailers to block them.

Reuters interviewed 21 people familiar with bots and how they are deployed, including current and former Wal-Mart employees, former Amazon employees and outside specialists. Many spoke only on condition of anonymity because they were not authorized to discuss the issues publicly.

Most pointed to Amazon’s leadership in the burgeoning bot wars.

The company’s technological edge has been good for its profit margin, and it’s proving a winning formula for investors.

Shares of the internet powerhouse have risen about 15-fold since the market’s bottom in March 2009, while the S&P 500 has more than tripled in value. Amazon hit $100 billion in annual sales in 2015 — faster than any company in history, it said.

Brave new world

Bot-driven pricing has represented a massive change for the retail industry since Amazon helped pioneer the practice more than a decade ago.

Traditionally, brick-and-mortar stores changed prices no more than weekly because of the time and expense needed to swap labels by hand.

In the world of e-commerce, though, retailers update prices with ease, sometimes multiple times a day, helped by algorithms that consider inventory levels, sales forecasts and rivals’ pricing data.

To stay in the game, companies such as online wholesaler Boxed, based in New York, depend on a variety of methods including bots to ensure they do not lag others’ price moves for even 20 minutes.

“That’s like a lifetime during Christmas,” said Chief Executive Chieh Huang, whose company sells bulk staples like toilet paper and pet food. “If we’re not decently priced, we’ll see it almost immediately” in sales declines.

  

Disguised as humans

Using bots to view massive amounts of data on public websites — a process known as crawling or scraping — has many purposes. Alphabet Inc.’s Google, for example, constantly crawls the Web to gather information for its search engine results and to sell ads.

In e-commerce, though, the use of bots has developed into a cat-and-mouse game. Companies try to thwart the practice on their own websites while aiming to penetrate their competitors’ defenses. Third-party services abound to help less-savvy retailers.

To protect data from rivals, some retail websites use what’s known as a “CAPTCHA” — typically a distorted string of letters and numbers that humans can read but most bots can’t. Amazon shies away from the practice because it annoys some customers.

For merchants seeking to evade such defenses, disguising their computer programs as real shoppers is key. Some pricing technology experts have programmed computer cursors to meander through a Web page in the way a person might, instead of going directly to the prized data. Another technique is to use multiple computer addresses so that retailers cannot track a barrage of clicks to a single source.

“It is an arms race,” said Keith Anderson, a senior vice president at e-commerce analytics firm Profitero, based in Ireland. “Every week or every month, there’s some new approach from both sides.”

Amazon’s maneuver that halted Wal-Mart in January took aim at a specialized Web browser called PhantomJS. Unlike, say, Internet Explorer, this browser is designed specifically for programmers — a telltale clue that its users are not typical shoppers. Amazon put up a digital curtain to hide its listings from PhantomJS users, according to three people familiar with the situation.

It was unclear how the move, which was not aimed at Wal-Mart in particular, affected other companies.

Tests conducted in recent weeks for Reuters show that among major U.S. retail chains, Amazon had by far the most sophisticated bot detection in place, both for its home page and for two popular items selected by Reuters because they change price frequently — a De’Longhi coffee maker and a Logitech webcam.

The tests were run by San Francisco-based Distil Networks, which sells anti-bot tools. In one of the tests, Distil programmed bots to hit each retailer’s website 3,000 times, but slowly enough to mimic a person clicking through listings. This tricked most retail behemoths, but not Amazon.

Blocked bots would not have seen, for instance, that Amazon’s price for the De’Longhi espresso machine changed four times in a single 24-hour period starting on the morning of April 25, according to price tracking website camelcamelcamel.com. During that time, the price swung by more than 10 percent, from a low of $80.06 to $88.16.

Swarming with bots

Despite Amazon’s capabilities, the sheer volume of crawling on its site is staggering. At times, as many as 80 percent of the clicks on Amazon product listings have been from bots, people familiar with the matter say, compared with just a third or more of the traffic on other large sites.

In addition to rivals seeking price data, that traffic includes bots from university researchers studying competition, search engines, advertising services and even fraudsters trying to break into Amazon accounts.

For Wal-Mart, a small group in Silicon Valley directs its automated pricing strategy while dozens of engineers in India and around the world handle the code, current and former Wal-Mart employees said.

Amazon had about 40 engineers who would covertly extract and organize rivals’ data with bots as of several years ago, one of the people interviewed said. Amazon did not discuss the size or structure of its teams working with bots.

According to one U.S. patent application, Amazon is working on encryption technology that would force bots, but not humans, to solve a complicated algorithm to gain access to its Web pages.

“Amazon has both the competency to detect bot traffic and the wherewithal to do something about it,” said Scott Jacobson, a former Amazon manager and now managing director of Madrona Venture Group. That “isn’t the case for most retailers.”

Microsoft Adds Tools to Flag Bad Content in Amazon, Google Faceoff

Microsoft Corp. on Wednesday turned up the heat on other technology giants by launching new image and video recognition products which could help it court businesses worried about running ads next to offensive content.

The Redmond, Washington-based company said its new Video Indexer can identify faces, voices and emotions in moving pictures. Separately, its Custom Vision Search lets companies build apps that recognize images with just a few lines of code.

For brands, knowing what’s in the videos that they sponsor has become a hot-button issue since major companies began canceling ad deals with Alphabet Inc’s Google this year over hate speech playing on its subsidiary YouTube.

Microsoft’s Video Indexer has similarities to a tool Google launched in March; Amazon.com Inc also said last month it could flag insulting images via a cloud-based service.

Microsoft’s latest moves underscore how its focus has evolved from its staple Windows software to the cloud, where it is competing with Amazon to sell data storage and computing power. Extra analytics such as image recognition may prove key to luring Web developers.

“It’s hard to understand what’s in the video” the longer it is, said Irving Kwong, a senior product director at Microsoft, in an interview ahead of the company’s developer conference Build. He said Video Indexer, which analyzes videos far faster than humans can, could help a user “harness and get more out of the video content that you have.”

The tools launched in preview by the Microsoft Cognitive Services unit on Wednesday, including a decision recommendation service, have one aim apart from winning business: data.

Microsoft views the tools as a way to put powerful computing into people’s hands and improve the tools at the same time, because processing more data is key to reaching artificial intelligence. Others including Amazon are pursuing this strategy, with the prize being a new revenue stream.

Research firm International Data Corporation has forecast the market for such tools will balloon to over $47 billion in sales in 2020 from $8 billion in 2016.

Microsoft pulled back the curtain on experiments that are further afield, too. It announced a new Cognitive Labs unit and the so-called Project Prague: technology to allow people to control computers simply with hand gestures.

Facebook to Play Down Links to Websites With Deceptive Ads

Facebook is planning to intensify its crackdown on so-called clickbait websites, saying it will begin giving lower prominence to links that lead to pages full of deceptive or annoying advertisements.

The downgrade of the links was expected to take effect beginning on Wednesday on News Feed, the home page of Facebook where people go to see posts from friends and family.

Facebook said it wanted to downplay links that people post to websites that have a disproportionate volume of ads relative to content, or that have deceptive or sexually suggestive ads along the lines of “5 Tips to be Amazing in Bed” or “1 Crazy Tip to Lose Weight Overnight!”

Links to websites with pop-up ads or full-screen ads also would be downplayed, it said.

People scrolling through their News Feed are often disappointed when they click on such links and do not find valuable information, Andrew Bosworth, Facebook’s vice president of ads and business platform, said in an interview.

“People don’t want to see this stuff,” he said. “We’re just trying to figure out how to find it and rank it further down News Feed when possible.”

Facebook uses a computer algorithm to determine which posts people see first from friends and family, and it frequently refines the algorithm to keep up with spam or other concerns.

The company said in August it was adjusting the algorithm to downplay news stories with clickbait-style headlines, a style of headline that intentionally withholds information or misleads people to get them to click on it.

In December, facing criticism that hoaxes and fake news stories spread too easily on Facebook in the run-up to the U.S. presidential election on November 8, the company made it easier for people to report those kinds of posts.

Facebook, the world’s largest social media network with 1.9 billion monthly users, has enormous power with its algorithms to potentially drive traffic to media publishers or stymie it.

The company said it reviewed hundreds of thousands of websites linked to from Facebook to identify those with little substance but lots of disruptive or shocking ads.

Bosworth declined to name any websites Facebook wants to target. He said only publishers of spam needed to worry about seeing less traffic, and other publishers could see their traffic go up.

“This is a small number of the worst of the worst,” he said.