25 May 2018

Some low-cost Android phones shipped with malware built in


Avast has found that many low-cost, non-Google-certifed Android phones shipped with a strain of malware built in that could send users to download apps they didn’t intend to access. The malware, called called Cosiloon, overlays advertisements over the operating system in order to promote apps or even trick users into downloading apps. Devices effected shipped from ZTE, Archos and myPhone.

The app consists of a dropper and a payload. “The dropper is a small application with no obfuscation, located on the /system partition of affected devices. The app is completely passive, only visible to the user in the list of system applications under ‘settings.’ We have seen the dropper with two different names, ‘CrashService’ and ‘ImeMess,'” wrote Avast. The dropper then connects with a website to grab the payloads that the hackers wish to install on the phone. “The XML manifest contains information about what to download, which services to start and contains a whitelist programmed to potentially exclude specific countries and devices from infection. However, we’ve never seen the country whitelist used, and just a few devices were whitelisted in early versions. Currently, no countries or devices are whitelisted. The entire Cosiloon URL is hardcoded in the APK.”

The dropper is part of the system’s firmware and is not easily removed.

To summarize:

The dropper can install application packages defined by the manifest downloaded via an unencrypted HTTP connection without the user’s consent or knowledge.
The dropper is preinstalled somewhere in the supply chain, by the manufacturer, OEM or carrier.
The user cannot remove the dropper, because it is a system application, part of the device’s firmware.

Avast can detect and remove the payloads and they recommend following these instructions to disable the dropper. If the dropper spots antivirus software on your phone it will actually stop notifications but it will still recommend downloads as you browse in your default browser, a gateway to grabbing more (and worse) malware. Engadget notes that this vector is similar to the Lenovo “Superfish” exploit that shipped thousands of computers with malware built in.


Read Full Article

Some low-cost Android phones shipped with malware built in


Avast has found that many low-cost, non-Google-certifed Android phones shipped with a strain of malware built in that could send users to download apps they didn’t intend to access. The malware, called called Cosiloon, overlays advertisements over the operating system in order to promote apps or even trick users into downloading apps. Devices effected shipped from ZTE, Archos and myPhone.

The app consists of a dropper and a payload. “The dropper is a small application with no obfuscation, located on the /system partition of affected devices. The app is completely passive, only visible to the user in the list of system applications under ‘settings.’ We have seen the dropper with two different names, ‘CrashService’ and ‘ImeMess,'” wrote Avast. The dropper then connects with a website to grab the payloads that the hackers wish to install on the phone. “The XML manifest contains information about what to download, which services to start and contains a whitelist programmed to potentially exclude specific countries and devices from infection. However, we’ve never seen the country whitelist used, and just a few devices were whitelisted in early versions. Currently, no countries or devices are whitelisted. The entire Cosiloon URL is hardcoded in the APK.”

The dropper is part of the system’s firmware and is not easily removed.

To summarize:

The dropper can install application packages defined by the manifest downloaded via an unencrypted HTTP connection without the user’s consent or knowledge.
The dropper is preinstalled somewhere in the supply chain, by the manufacturer, OEM or carrier.
The user cannot remove the dropper, because it is a system application, part of the device’s firmware.

Avast can detect and remove the payloads and they recommend following these instructions to disable the dropper. If the dropper spots antivirus software on your phone it will actually stop notifications but it will still recommend downloads as you browse in your default browser, a gateway to grabbing more (and worse) malware. Engadget notes that this vector is similar to the Lenovo “Superfish” exploit that shipped thousands of computers with malware built in.


Read Full Article

Uber in fatal crash detected pedestrian but had emergency braking disabled


The initial report by the National Transportation Safety Board on the fatal self-driving Uber crash in March confirms that the car detected the pedestrian as early as 6 seconds before the crash, but did not slow or stop because its emergency braking systems were deliberately disabled.

Uber told the NTSB that “emergency braking maneuvers are not enabled while the vehicle is under computer control, to reduce the potential for erratic vehicle behavior,” in other words to ensure a smooth ride. “The vehicle operator is relied on to intervene and take action. The system is not designed to alert the operator.” It’s not clear why the emergency braking capability even exists if it is disabled while the car is in operation. The Volvo model’s built-in safety systems — collision avoidance and emergency braking, among other things — are also disabled while in autonomous mode.

It appears that in an emergency situation like this this “self-driving car” is no better, or substantially worse, than many normal cars already on the road.

It’s hard to understand the logic of this decision. An emergency is exactly the situation when the self-driving car, and not the driver, should be taking action. Its long-range sensors can detect problems accurately from much further away, while its 360-degree awareness and route planning allow it to make safe maneuvers that a human would not be able to do in time. Humans, even when their full attention is on the road, are not the best at catching these things; relying only on them in the most dire circumstances that require quick response times and precise maneuvering seems an incomprehensible and deeply irresponsible decision.

According to the NTSB report, the vehicle first registered Elaine Herzberg on lidar 6 seconds before the crash — at the speed it was traveling, that puts first contact at about 378 feet away. She was first identified as an unknown object, then a vehicle, then a bicycle, over the next few seconds (it isn’t stated when these classifications took place exactly).

The car following the collision.

During these 6 seconds, the driver could and should have been alerted of an anomalous object ahead on the left — whether it was a deer, a car, or a bike, it was entering or could enter the road and should be attended to. But the system did not warn the driver and apparently had no way to.

1.3 seconds before impact, which is to say about 80 feet away, the Uber system decided that an emergency braking procedure would be necessary to avoid Herzberg. But it did not hit the brakes, as the emergency braking system had been disabled, nor did it warn the driver because, again, it couldn’t.

It was only when, less than a second before impact, the driver happened to look up from whatever it was she was doing, and saw Herzberg, whom the car had known about in some way for 5 long seconds by then. It struck and killed her.

It reflects extremely poorly on Uber that it had disabled the car’s ability to respond in an emergency — though it was authorized to speed at night — and no method for the system to alert the driver should it detect something important. This isn’t just a safety issue, like going on the road with a sub-par lidar system or without checking the headlights — it’s a failure of judgement by Uber, and one that cost a person’s life.

Arizona, where the crash took place, barred Uber from further autonomous testing, and Uber yesterday ended its program in the state.

Uber offered the following statement on the report:

Over the course of the last two months, we’ve worked closely with the NTSB. As their investigation continues, we’ve initiated our own safety review of our self-driving vehicles program. We’ve also brought on former NTSB Chair Christopher Hart to advise us on our overall safety culture, and we look forward to sharing more on the changes we’ll make in the coming weeks.


Read Full Article

24 May 2018

PayPal starts deeper integration with Google; users can now pay directly in Gmail, YouTube and more


Google earlier this year rebranded all of its payment services under Google Pay to help it double down on making transactions across its platform more frictionless (and more used). Now comes another development: PayPal and Google are kicking off a deep integration, where users who add their PayPal details to their Google Play accounts will be able to pay bills and for other items, using PayPal, without logging in and without leaving the Google services.

The integration, when it goes live later this year, will cover apps like Gmail, YouTube, Google Store and any services using Google Pay — and it will include not just payments but also peer-to-peer transfers.

This is not the first time that Google and PayPal have worked together — the latter has been a payment option in Google Play since 2014, in-store, and in online transactions that were managed by Google and a Google Pay option since last year. And similarly, Google itself has a number of other partners from the payments world, including Braintree, Sripe, Cybersource, Vantiv, Visa and Mastercard.

This new phase of the relationship is interesting for how it benefits both sides. For Google, it will mean that users are less likely to leave Google sites to complete a transaction, potentially never to return; and will give users one more option for how to pay for things, making Google’s own sales more likely to be completed rather than abandoned. For PayPal, it will give users one more easy option for using its rails when buying things, and that will translate into more transaction revenues for PayPal.

We’re in an interesting phase in the world of payments at the moment. The challenge is no longer getting people used to the idea of paying online: a substantial proportion of consumers in developed markets are willing and able to pay for items on digital platforms. The problem is one of trying to capture and keep users’ attention: there are potentially now too many payment options, and too many places for us to visit too easily. The struggle for app publishers, platform owners, and others now is to keep people engaged in your product, rather than migrating elsewhere, which could lead to people abandoning their purchases and also leaving your service for another one.

This is part of the reason why Amazon is so effective: it provides a very seamless and quick way for people to browse and buy things, even more so if you are a Prime subscriber.

In payments, this is translating into a new wave of services where transactions are being enabled at the point at which you need them, with minimal friction: no log-ins, no jumping to new sites or apps, no additional steps. Google and PayPal are not the only ones who are now knitting all of this together more tightly.

Just earlier this month, Microsoft integrated its own answer to Google Pay, Microsoft Pay, into Outlook precisely for this reason, with Stripe as one of the first active integration partners. And PayPal itself is buying mobile payments company iZettle to close the loop better on point of sale payments in markets like Europe.

I asked Bill Ready, the EVP and COO of PayPal (and previously the co-founder and head of Braintree), why it’s taken this long to get this integration in place on Google. I didn’t get a direct answer, but a hint that although tighter integration is the goal, it’s not always that easy to stitch together services from different silos:

“We are always looking for ways to improve the experience and to make payments even more seamless and secure for our customers wherever they want to pay,” he said. “After the successful launch with Android Pay last year, which built on our existing integration with Google Play, our teams came together to enable this new experience, which will allow customers in the U.S. who add PayPal to any one of Google’s services to be able to pay across the Google ecosystem, anywhere that PayPal is offered as a payment method, with only minimal setup.”


Read Full Article

Google opens its G Suite for Education to home-school co-ops


Google today announced that it is changing the eligibility guidelines of its free G Suite for Education service to include home-school co-ops. Parents and teachers who run home-school co-ops will be able to sign up for it in the coming weeks.

G Suite for Educations includes all of Google’s usual online productivity tools and then layers a number of education-specific services like Classroom on top of that. Google Classroom, it’s worth noting, was already available to any G Suite user, but to subscribe to G Suite for Education, you needed to be affiliated with a school or school district. Now, home-school co-ops will be able to verify their status and get access to G Suite for Education, too.

“Through technology, home-school co-op teachers can set and change assignments on the fly, students can work together even if geographically separated, and everyone has a common format for collaboration,” writes Darren Jones of the Home School Legal Defense Association, in today’s announcement. “It’s because of this potential that I’ve been working closely with Google this year to make sure that home-school co-ops have the same access as other schools to G Suite for Education.”

Google has piloted this program with a number of co-ops in recent months and given that these groups function a bit like traditional schools, with some being more formal than others, I can see how access to a shared and integrated set of tools would be useful there.


Read Full Article

Dog-sitting startup Rover just raised $155M


Rover, a dog-walking and dog-boarding service that merged with DogVacay around this time last year, is now the second of such startups this year to raise a massive new round of funding with its announcement of a $155 million financing round.

While competitor Wag has become a juggernaut, there seems room for both room for a second player and the potential to outmaneuver Wag even with its massive influx of capital. Both DogVacay and Rover had a very similar model and eventually merged in an all-stock deal, creating a more substantial competitor for Wag. The round consisted of $125 million in equity financing led by funds and accounts advised by T. Rowe Price Associates, with a $30 million credit facility with Silicon Valley Bank. The Wall Street Journal is reporting that the round values Rover at $970 million.

Wag earlier this year picked up $300 million in a massive funding round led by SoftBank. That was, of course, SoftBank — which is investing massive piles of capital into startups and pretty much altering the calculus of venture capital in the process. But it also signaled a huge interest in various dog-care services, including apparently Rover, as a potential business opportunity for the millions of dog owners in the world. If you’ll walk anywhere in San Francisco, you’re destined to run into a very large number of very good dogs, and it makes enough sense that there should be an opportunity to capitalize on dog-ownership as a whole.

Rover connects dog owners with various users that will walk, board, or generally take care of dogs — a critical service for anyone who might be traveling, or just work in a non-dog friendly office. Users just book a dog walker or sitter through the app, which connects them with area sitters. It’s an area where Wag has faced a lot of criticism following a major Bloomberg report regarding poor service (and losing dogs). There are, of course, many challenges for any service that offloads some kind of daily need to a third party starting in a similar fashion to Uber.

Rover, interestingly, notes on its website that it “accepts less than 20% of potential sitters,” perhaps a dig at the criticism for Wag or the space in general and as an attempt to soothe concerns from potential users. Rover says it has more than 200,000 sitters throughout North America. The company previously raised $156 million, and previous investors include A-Grade Investments, Foundry Group, Madrona Venture Group, Menlo Ventures, OMERS Ventures, Petco, and StepStone Group.


Read Full Article

So long, StumbleUpon


All told, 16 years is a pretty good run in the social media world. After launching in 2002, website discovery platform StumbleUpon is shutting down on June 30. Over its existence, the service racked up 60 billion stumbles for 40 million users, cofounder Garrett Camp wrote in a Medium post this week.

Those of us who wrote for sites at the height of the tool’s power know it was capable of driving a tremendous amount of traffic in its prime. One of StumbleUpon’s greatest strengths was its simplicity, offering up content with a single click. But Camp notes in his post that its simplicity was ultimately its detriment in the ever-changing online world.

eBay bought the service for a reported $75 million in 2007, but failed it relevant. In 2013, the service underwent significant layoffs, allowing Camp to buy a majority share two years later.

“Since starting SU the number of people with internet access has grown nearly 10x, and mobile phones and social media have changed our lives. The number of platforms to share or host content has increased significantly, yet we still need better tools to help us filter through the exploding amount of content on the web, and find signal within the noise. And we’ve learned from SU that while simplicity and serendipity is important, so is enabling contextual curation.”

Those lessons, it seems, will be informing Camp’s product, Mix.com — as will StumbleUpon’s use base. Existing StumbleUpon accounts will be transitioned to Mix ahead of the June 30 deadline.


Read Full Article

Trek’s Commuter+ 7 is a beautiful – if pricey – electric bike


At $3,700, Trek’s Commuter+ 7 is a hard sell in a world of commodity e-bikes. But, thankfully, Trek has added superior components, great styling, and surprising durability to the package, making this pedal-assist ebike one of the best I’ve ridden.

The bike has a matte black finish, fenders, and a motor guard to keep your ebike safe from passing rocks and trash. The 250-watt Bosch Performance CX runs at a maximum of 20 miles per hour and the removable battery lets you swap out packs if things run low.

I enjoyed the ride on this thing and, although it could be prohibitively expensive, you do get some solid components on a well-tested brand. Give it a ride like I did and see for yourself.


Read Full Article

Klevio launches its smart intercom and app that lets you open doors remotely


Klevio, a smart home startup out of the U.K., is officially launching its first product: a smart intercom system that lets you control your front door lock via an iOS and Android app on your phone and remotely.

Dubbed “Klevio One,” the device is designed to be retrofitted to existing electric strike-enabled locks, and also interfaces with intercom systems found on the communal doors of apartment blocks. This, say its makers, means that it is better suited to flats than smart locks already on the market.

In a call with Klevio co-founder and CEO Aleš Špetič, he explained that the approach the London-based company has taken is different to smart locks that typically use a motor to turn the lock and require tearing out and replacing your existing lock. In contrast, if you already have an electric strike as part of your lock — which a lot of apartments do — the Klevio One can simply be wired to interface with it. If you don’t, a Klevio installer can fit one to your existing lock for you.

This major upside of this approach is that Klevio isn’t re-inventing the whole wheel, but taking years old, tried and tested electric strike technology, and simply adding smart connectivity to it.

It means the Klevio One works with multiple doors and there’s no need to modify the communal area of apartment buildings when installing it, since the device is located within an individual apartment. You can also still use your old physical keys as a backup, and the company says the use of Klevio won’t be obvious to anyone outside the building.

And as you’d expect, the Klevio system is cloud-connected so that you can control your lock remotely, and issue virtual and one-time use keys. It comes in a WiFi only version, and a subscription version with added 4G.

The startup’s back story is noteworthy, too. The Klevio’s original concept and eureka moment came at Onefinestay, the ‘upscale Airbnb’ acquired by Accor in 2016. After the exit, Onefinestay co-founder Demetrios Zoppos teamed up with CubeSensors’ Aleš Špetič and Marko Mrdjenovič to start the new company, including purchasing the needed patents from Onefinestay.

In addition, Onefinestay co-founder Greg Marsh is an investor in Klevio, alongside LocalGlobe’s partner Robin Klein (who I’m told has invested in a personal capacity). To date Klevio has raised £1.2 million in funding.

Meanwhile, Špetič tells me that prior to today’s wider launch — where it can be ordered via the Klevio website — the Klevio One has been piloted with 1,000 users across London.


Read Full Article

Instapaper on pause in Europe to fix GDPR compliance “issue”


Remember Instapaper? The Pinterest-owned, read-it-later bookmarking service is taking a break in Europe — apparently while it works on achieving compliance with the region’s updated privacy framework, GDPR, which will start being applied from tomorrow.

Instapaper’s notification does not say how long the self-imposed outage will last.

The European Union’s General Data Protection Regulation updates the bloc’s privacy framework, most notably by bringing in supersized fines for data violations, which in the most serious cases can scale up to 4% of a company’s global annual turnover.

So it significantly ramps up the risk of, for example, having sloppy security, or consent flows that aren’t clear and specific enough (if indeed consent is the legal basis you’re relying on for processing people’s personal information).

That said, EU regulators are clearly going to tread softly on the enforcement front in the short term. And any major fines are only going to hit the most serious violations and violators — and only down the line when data protection authorities have received complaints and conducted thorough investigations.

So it’s not clear exactly why Instapaper believes it needs to pause its service to European users. It’s also had plenty of time to prepare to be compliant — given the new framework was agreed at the back end of 2015. We’ve reached out to Pinterest with questions and will update this story with any response.

In an exchange on Twitter, Pinterest product engineering manager Brian Donohue — who, prior to acquisition was Instapaper’s CEO — flagged that the product’s privacy policy “hasn’t been changed in several years”. But he declined to specify exactly what it feels its compliance issue is — saying only: “We’re actively working to resolve the issue.”

In a customer support email that we reviewed, the company also told one European user: “We’ve been advised to undergo an assessment of the Instapaper service to determine what, if any, changes may be appropriate but to restrict access to IP addresses in the EU as the best course of action.”

“We’re really sorry for any inconvenience, and we are actively working on bringing the service back online for residents in Europe,” it added.

The product’s privacy policy is one of the clearer T&Cs we’ve seen. It also states that users can already access “all your personally identifiable information that we collect online and maintain”, as well as saying people can “correct factual errors in your personally identifiable information by changing or deleting the erroneous information” — which, assuming those statements are true, looks pretty good for complying with portions of GDPR that are intended to give consumers more control over their personal data.

Instapaper also already lets users delete their accounts. And if they do that it specifies that “all account information and saved page data is deleted from the Instapaper service immediately” (though it also cautions that “deleted data may persist in backups and logs until they are deleted”).

In terms of what Instapaper does with users’ data, its privacy policy claims it does not share the information “with outside parties except to the extent necessary to accomplish Instapaper’s functionality”.

But it’s also not explicitly clear from the policy whether or not it’s passing information to its parent company Pinterest, for example, so perhaps it feels it needs to add more detail there.

Another possibility is Instapaper is working on compliance with GDPR’s data portability requirement. Though the service has offered exports options for years. But perhaps it feels these need to be more comprehensive.

As is inevitable ahead of a major regulatory change there’s a good deal of confusion about what exactly must be done to comply with the new rules. And that’s perhaps the best explanation for what’s going on with Instapaper’s pause.

Though, again, there’s plenty of official and detailed guidance from data protection agencies to help.

Unfortunately it’s also true that there’s a lot of unofficial and dubious quality advice from a cottage industry of self-styled ‘GDPR consultants’ that have sprung up with the intention of profiting off of the uncertainty. So — as ever — do your due diligence when it comes to the ‘experts’ you choose.


Read Full Article

It’s unconstitutional for Trump to block people on Twitter


A uniquely 21st-century constitutional question received a satisfying answer today from a federal judge: President Trump cannot block people on Twitter, as it constitutes a violation of their First Amendment rights. The court also ruled he must unblock all previously blocked users. “No government official is above the law,” the judge concluded.

The question was brought as part of a suit brought by the Knight First Amendment Institute, which alleged that the official Presidential Twitter feed amounts to a public forum, and that the government barring individuals from participating in it amounted to limiting their right to free speech.

After consideration, New York Southern District Judge Naomi Reice Buchwald determined that this is indeed that case:

We hold that portions of the @realDonaldTrump account — the “interactive space” where Twitter users may directly engage with the content of the President’s tweets — are properly analyzed under the “public forum” doctrines set forth by the Supreme Court, that such space is a designated public forum, and that the blocking of the plaintiffs based on their political speech constitutes viewpoint discrimination that violates the First Amendment.

The President’s side argued that Trump has his own rights, and that in this case the choice not to engage with certain people on Twitter is among them. These are both true, Judge Buchwald found, but that doesn’t mean blocking is okay.

There is nothing wrong with a government official exercising their First Amendment rights by ignoring someone. And indeed that is what the “mute” function on Twitter is equivalent to. No harm is done to either party by the President choosing not to respond, and so he is free to do so.

But to block someone both prevents that person from seeing tweets and from responding to them, preventing them from even accessing a public forum. As the decision puts it:

We reject the defendants’ contentions that the First Amendment does not apply in this case and that the President’s personal First Amendment interests supersede those of plaintiffs…

While we must recognize, and are sensitive to, the President’s personal First Amendment rights, he cannot exercise those rights in a way that infringes the corresponding First Amendment rights of those who have criticized him.

The court also examined the evidence and found that despite the Executive’s arguments that his Twitter accounts are, for various reasons, in part private and not subject to rules limiting government spaces, the President’s Twitter is definitively a public forum, meeting the criteria set out some time back by the Supreme Court.

At this point in time President Trump has by definition performed unconstitutional acts, but the court was not convinced that any serious legal remedy needs to be applied. And not because the Executive side of the case said it was monstrous of the Judicial to dare to tell it what to do:

While we find entirely unpersuasive the Government’s parade of horribles regarding the judicial interference in executive affairs presented by an injunction directing the President to comply with constitutional restrictions… declaratory relief is likely to achieve the same purpose.

By this the judge means that while the court would be legally in the clear if it issued an official order binding the Executive, but that there’s no reason to do so. Instead, merely declaring that the President is has violated the rules of the Constitution should be more than enough to compel his team to take the appropriate action.

Specifically, Trump and (it is implied but not stated specifically) all public officials are to unblock any blocked users on Twitter and never hit that block button again:

No government official is above the law and because all government officials are presumed to follow the law once the judiciary has said what the law is, we must assume that the President and Scavino will remedy the blocking we have held to be unconstitutional.

No timeline is set but it’s clear that the Executive is on warning. You can read the full decision here.

This also sets an interesting precedent as regarding other social networks, but the repercussions thereof are impossible to predict at this time. Legal scholars and political agents will almost certainly weigh in on the issue heavily over the coming weeks.


Read Full Article

23 May 2018

Samsung adds ‘The Incredibles’ to its AR Emojis


Samsung’s AR Emojis were met with a…lukewarm reception when they launched alongside the Galaxy S9. The augmented reality avatars were regarded as a me-too response to Apple’s Animojis — and more to the point, were downright creepy.

But at launch, the company brought one key element to the offering that Apple hasn’t: a content partnership. And not just any content partnership, mind. A Disney content partnership. So far, it’s rolled out the iconic likes of Mickey, Minnie and Donald, and now, just in time for the latest Pixar sequel, it’s offering up the cast of The Incredibles 2.

Starting today, Galaxy S9 and S9+ owners can download  Mr. Incredible, Elastigirl, Violet, Dash, Jack-Jack and new character Frozone, for all of their AR Emoji-related needs. So users can send a birthday greeting, reach out to a loved one or break up with an ex as their favorite super baby.

The new content pack is available directly through the camera software’s built-in AR Emoji mode. The tech uses in excess of 100 facial features to map the user’s movements.


Read Full Article

Apple offers a $50 credit for some out-of-warranty iPhone battery purchases


If you bought a battery replacement for an out-of-warranty iPhone last year, you may be eligible for a $50 credit from Apple. The company issued a new support page post this week, announcing the rebate policy, which applies to purchases made at authorized locations.

The move is part of on-going restitution in the wake of an admission that the company was throttling processing speeds on older model phones, in order to save on battery life. Late last year, Apple apologized for not informing users about the issue, promising to be more transparent in the future.

Soon after, the company began offering $29 battery replacements — a $50 discount on out-of-warranty battery replacements. This credit covers those who purchased a battery out-of-warranty any point in 2017, leading up to that new offer.

The company has promised to send an email to all eligible users with instructions on how to get the credit transferred to their account between now and July 27. Those who don’t get a notification, but still believe themselves to be eligible, can contact Apple directly between now and the end of the year.


Read Full Article

Ring’s Jamie Siminoff and Clinc’s Jason Mars to join us at Disrupt SF


Disrupt SF is set to be the biggest tech conference that TechCrunch has ever hosted. So it only makes sense that we plan an agenda fit for the occasion.

That’s why we’re absolutely thrilled to announce that Ring’s Jamie Siminoff will join us on stage for a fireside chat and Jason Mars from Clinc will be demo-ing first-of-its-kind technology on the Disrupt SF stage.

Jamie Siminoff – Ring

Earlier this year, Ring became Amazon’s second largest acquisition ever, selling to the behemoth for a reported $1 billion.

But the story begins long ago, with Jamie Siminoff building a WiFi-connected video doorbell in his garage in 2011. Back then it was called DoorBot. Now, it’s called Ring, and it’s an essential piece of the overall evolution of e-commerce.

As giants like Amazon move to make purchasing and receiving goods as simple as ever, safe and reliable entry into the home becomes critical to the mission. Ring, which has made neighborhood safety and home security its main priority since inception, is a capable partner in that mission.

Of course, one doesn’t often build a successful company and sell for $1 billion on their first go. Prior to Ring, Siminoff founded PhoneTag, the world’s first voicemail-to-text company and Unsubscribe.com. Both of those companies were sold. Based on his founding portfolio alone, it’s clear that part of Siminoff’s success can be attributed to understanding what consumers need and executing on a solution.

Dr. Jason Mars – Clinc

AI has the potential to change everything, but there is a fundamental disconnect between what AI is capable of and how we interface with it. Clinc has tried to close that gap with its conversational AI, emulating human intelligence to interpret unstructured, unconstrained speech.

Clinc is currently targeting the financial market, letting users converse with their bank account using natural language without any pre-defined templates or hierarchical voice menus.

But there are far more applications for this kind of conversational tech. As voice interfaces like Alexa and Google Assistant pick up steam, there is clearly an opportunity to bring this kind of technology to all facets of our lives.

At Disrupt SF, Clinc’s founder and CEO Dr. Jason Mars plans to do just that, debuting other ways that Clinc’s conversational AI can be applied. Without ruining the surprise, let me just say that this is going to be a demo you won’t want to miss.

Tickets to Disrupt are available here.


Read Full Article

Facebook launches new tools for Group admins, including free customer service


Facebook’s Groups are one of the social network’s most popular products, with more than 1.4 billion monthly users across tens of millions of active groups. Today, the company is rolling out a series of new features aimed at those who create and manage these groups, including customer support with answers and help provided by a real person, not a machine or automated responses. Admins are also getting a dedicated online education portal and more tools to manage their groups’ posts.

Unfortunately, the customer support service is not available to all groups at this time.

Facebook instead is beginning a pilot program for admin support that’s only available to a limited number of group admins on iOS and Android at this time, initially in English and Spanish.

“We spend a lot of time speaking with admins, and we listen to their feedback quite a lot,” explains Alex Deve, Product Management Director for Groups. “And the first thing we heard from them – very loud and clear – is that they want to be able to reach out to us and get a very quick response,” he says.

The free service will allow admins to send any issues they have to Facebook, and the company will respond within one business day. This is made possible by the additional hires the company made to expand its moderation team, as CEO Mark Zuckerberg had previously announced, Deve notes.

The idea with the admin support isn’t just about helping admins out directly – it’s also about figuring out what their needs are, what troubles they have, and what features they want. This will help Facebook roll out new features for admins that they’ll find useful, but it also ties into another new product being announced today: an online educational center for admins.

At facebook.com/community, Facebook has collected best practices, tutorials, product demos, and case studies based on the experiences and expertise from the admin community, and is sharing it with others in the form of audio and video content. There are tips on things like growing groups, setting the rules, building a team, using group tools, managing conflicts, and more.

“Going forward, the support work is going to feed into this. [Facebook will learn] what other themes are very common that people want to hear about from other admins. So we’ll create more videos in the future,” says Deve.

Additionally, Facebook is rolling out two new admins tools today, created in response to user feedback.

The first will allow admins and moderators to notify a member whose post gets pulled down which group rule they broke that caused its removal. They’ll also be able to collaborate with other admins and moderators by adding notes in an activity log when they remove a post.

The other new feature, “pre-approved members,” will allow admins and moderators to select members whose content will automatically be approved whenever they post. This will save admins time by not having to moderate content from trusted people.

Groups have been a particular interest for Facebook in recent months, especially as the trend towards private networking and sharing continues to grow. At the company’s F8 Developer Conference in May, Facebook announced other features that will make Groups a more prominent part of the Facebook experience, as a result. This includes a new tab for Groups, where your groups are better organized and you can find others to join – similar to Facebook’s now-defunct standalone Groups app. And it introduced a new Groups plugin that admins could use on their websites or emails to solicit people to join their group.

All the new Groups features are rolling out starting today to about 20 percent of supported users, and will continue to roll out to the rest of the world in the weeks ahead. The online educational portal is live now in English, but will launch in Spanish in June.


Read Full Article

Google and Coursera launch a new machine learning specialization


Over the last few years, Google and Coursera have regularly teamed up to launch a number of online courses for developers and IT pros. Among those was the Machine Learning Crash course, which provides developers with an introduction to machine learning. Now, building on that, the two companies are launching a machine learning specialization on Coursera. This new specialization, which consists of five courses, has an even more practical focus.

The new specialization, called  “Machine Learning with TensorFlow on Google Cloud Platform,” has students build real-world machine learning models. It takes them from setting up their environment to learning how to create and sanitize datasets to writing distributed models in TensorFlow, improving the accuracy of those models and tuning them to find the right parameters.

As Google’s Big Data and Machine Learning Tech Lead Lak Lakshmanan told me, his team heard that students and companies really liked the original machine learning course but wanted an option to dig deeper into the material. Students wanted to know not just how to build a basic model but also how to then use it in production in the cloud, for example, or how to build the data pipeline for it and figure out how to tune the parameters to get better results.

Leah Belsky, Coursera’s VP of enterprise development, echoed this and noted that this kind of specialization with a focus on practical models will make the credential more meaningful for employers.

The target audience for the specialization is somebody who wants to build new skills — and that’s pretty much every developers, especially now that machine learning is making inroads in virtually every area of tech. And since it’s almost impossible to hire machine learning experts, this course will surely be attractive to many employers who want their existing workforce to gain these skills.

As Lakshmanan noted, there are plenty of use cases for leading-edge kind of machine learning models, but what these courses focus on are more of the “day-to-day models” that can bring additional value to many existing products. Because of the focus on real-world problems, Lakshmanan also noted that the course should be useful for newly minted graduates who may be more familiar with the theories of machine learning than building products.

He also noted that only a few years ago, getting started with a course like this would have been rather cumbersome, not in the least because you need relatively powerful hardware with a dedicated GPU to work productively. Now, however, thanks to the various cloud platforms that offer GPU access or even specialized hardware like Google Cloud’s TPUs, the barrier of entry has dropped significantly.

It’s worth noting that these courses expect that you are already a somewhat competent programmer. While it has gotten much easier to start with machine learning thanks to new frameworks like TensorFlow, this is still an advanced skill. It’ll surely still be a while before we see a “get started with programming in Python by building a machine learning model” course.

Looking ahead, Lakshmanan also noted that the team is looking at a next course that would build upon the existing one, but with a focus on working with unstructured data. That’s a different class of problem with its own skill set and one that’ll allow the graduates of the first course to apply their knowledge to a whole different set of data.


Read Full Article

Vivo’s all-screen phone with a flip-up camera could arrive in June


The all-screen smartphone is an inevitability. The question at this point, really, is who will get there first and how they’ll accomplish that feat. I spoke to a LG rep at the G7 launch, who suggested that the notch is going to be fact of life for the next couple of years, but a number of manufacturers are pushing to get there a heck of a lot quicker.

Back at MWC in Febrary, Vivo’s Apex handset seemed like little more than a concept, but a couple of new teasers suggest otherwise. A new video demonstrates the handset’s flip-up selfie camera in action, along with a “Save the Date” notice for a June 12 event in Shanghai. The handset appears to be, at the very least, a close relative of the concept phone. 

A February press release highlights the concept in a bit more detail.

“In keeping with the promise to continuously support user habits,” the company notes, “Apex also features an 8MP Elevating Front Camera. The camera seamlessly rises in 0.8 seconds when it is required and retracts after use. Together with the hidden proximity sensor and ambient light sensor, this eliminates the space taken up by conventional front cameras, while offering the same selfie experience to users.”

Vivo’s just one of a number of companies who think they’ve got the answer here. When we met with Doogee back in February, the company showed off a number of prototypes aimed at circumventing the notch, including a similar pop up model and a version that slides to reveal a camera inside.

And then, of course, there’s the Lenovo Z5, which a VP for the company showed off via social media earlier this month. Though that presently seems to amount to little more than a sketch. For the moment, all of this feels like a bunch of companies showing off concepts aimed at demonstrating that they “thought of it first.”

Perhaps next month, however, Vivo will be ready to put its money where its mouth is.


Read Full Article

Tempow raises $4 million to improve Bluetooth


French startup Tempow has raised a $4 million funding round. Balderton Capital led the round, with C4 Ventures also participating. The company has been working on improving the Bluetooth protocol to make it more versatile.

Smartphones, speakers and connected devices all use Bluetooth in one way or another. There are only a handful of Bluetooth chipset manufacturers in the world, such as Qualcomm and Broadcom. While Bluetooth chips have become incredibly efficient as they use much less power than they used to, it’s been stagnant on the software front.

Tempow is a software company that wants to rewrite the Bluetooth stack from scratch. The company started with an audio profile.

Thanks to Tempow’s technology, you can connect a phone to multiple Bluetooth speakers at once. This is just a software improvement — it works with standard Bluetooth chipsets and all Bluetooth audio devices out there.

Lenovo liked this idea and licensed the technology for its Moto X4 handset. More than 5 million devices with Tempow’s Bluetooth stack have been sold.

With today’s funding round, the startup wants to tackle more use cases. For instance, Tempow wants to optimize the pairing process, enhance the security of the protocol and work on battery consumption. “Maybe you could pay using Bluetooth instead of NFC,” co-founder and CEO Vincent Nallatamby told me.

At the same time, the startup is negotiating with multiple manufacturers. You can expect to see Tempow’s technology in more devices in the future.

The company currently has 7 patents pending and just got its first patent last week. Eventually, Tempow thinks it can build a team of Bluetooth experts who push the protocol forward.


Read Full Article

Startups can now apply to take part in Google’s first Demo Day event in Asia


Google is bringing its Demo Day event to Asia for the first time this September and now the search giant has opened applications for startups wanting to take part.

Google’s Demo Day are akin to a short version of an early-stage startup program. As the name suggests its a Demo Day but without the months-long program leading up to it. The company instead identifies promising companies, and it works with them ahead of the demo day to give mentoring, coaching and perfect a pitch that is delivered to VCs and others from Google’s entrepreneurship network who attend the demo day.

Aside from working closely with Google and earnings Google Cloud credits, Google says its events help get startups connected and raise capital. To that end, it says that startups which have pitched at Demo Days have raised a cumulative $259 million from investors.

Events have been held in North America and Europe, with some participating companies from Asia, but this coming event — which takes place in Shanghai on September 20 — will be the first on Asian soil.

Companies wishing to apply should visit the sign-up site before the deadline of July 1 at 11:59 pm SGT.

The move is a further sign that Google is escalating its presence in Asia, and particularly in China.

In past months, we’ve seen Google agree to a partnership with Tencent,  invest in China-based startups — biotech-focused XtalPi and live-streaming service Cushou — and announce an AI lab in Beijing. Added to that, Google gained a large tech presence in Taiwan via the completion of its acquisition of a chunk of HTC, and it opened a presence in Shenzhen, the Chinese city known as ‘the Silicon Valley of hardware.’

Beyond China, Google has made its first direct investments in Asia-based companies by backing India’s on-demand service Dunzo and Southeast Asian ride-hailing unicorn Go-Jek.


Read Full Article

IBM’s Verifier inspects (and verifies) diamonds, pills and materials at the micron level


It’s not enough in this day and age that we have to deal with fake news, we also have to deal with fake prescription drugs, fake luxury goods, and fake Renaissance-era paintings. Sometimes all at once! IBM’s Verifier is a gadget and platform made (naturally) to instantly verify that something is what it claims to be, by inspecting it at a microscopic level.

Essentially you stick a little thing on your phone’s camera, open the app, and put the sensor against what you’re trying to verify, be it a generic antidepressant or an ore sample. By combining microscopy, spectroscopy, and a little bit of AI, the Verifier compares what it sees to a known version of the item and tells you whether they’re the same.

The key component in this process is an “optical element” that sits in front of the camera (it can be anything that takes a decent image) amounting to a specialized hyper-macro lens. It allows the camera to detect features as small as a micron — for comparison, a human hair is usually a few dozen microns wide.

At the micron level there are patterns and optical characteristics that aren’t visible to the human eye, like precisely which wavelengths of light it reflects. The quality of a weave, the number of flaws in a gem, the mixture of metals in an alloy… all stuff you or I would miss, but a machine learning system trained on such examples will pick out instantly.

For instance a counterfeit pill, although orange and smooth and imprinted just like a real one if one were to just look at it, will likely appear totally different at the micro level: textures and structures with a very distinct pattern, or at least distinct from the real thing — not to mention a spectral signature that’s probably way different. There’s also no reason it can’t be used on things like expensive wines or oils, contaminated water, currency, and plenty of other items.

IBM was eager to highlight the AI element, which is trained on the various patterns and differentiates between them, though as far as I can tell it’s a pretty straightforward classification task. I’m more impressed by the lens they put together that can resolve at a micron level with so little distortion and not exclude or distort the colors too much. It even works on multiple phones — you don’t have to have this or that model.

The first application IBM is announcing for its Verifier is as a part of the diamond trade, which is of course known for fetishizing the stones and their uniqueness, and also establishing elaborate supply trains to ensure product is carefully controlled. The Verifier will be used as an aide for grading stones, not on its own but as a tool for human checkers; it’s a partnership with the Gemological Institute of America, which will test integrating the tool into its own workflow.

By imaging the stone from several angles, the individual identity of the diamond can be recorded and tracked as well, so that its provenance and trail through the industry can be tracked over the years. Here IBM imagines blockchain will be useful, which is possible but not exactly a given.

It’ll be a while before you can have one of your own, but here’s hoping this type of tech becomes popular enough that you can check the quality or makeup of something at least without having to visit some lab.


Read Full Article