Tip Trick Here: 04/15/20

15 April 2020

Pileus helps businesses cut their cloud spend

Israel-based Pileus, which is officially launching today, aims to help businesses keep their cloud spend under control. The company also today announced that it has raised a $1 million seed round from a private angel investor.

Using machine learning, the company’s platform continuously learns about how a user typically uses a given cloud and then provides forecasts and daily personalized recommendations to help them stay within a budget.

Pileus currently supports AWS, with support for Google Cloud and Microsoft Azure coming soon.

With all of the information it gathers about your cloud usage, the service can also monitor usage for any anomalies. Because, at its core, Pileus keeps a detailed log of all your cloud spend, it also can provide detailed reports and dashboards of what a user is spending on each project and resource.

If you’ve ever worked on a project like this, you know that these reports are only as good as the tags you use to identify each project and resource, so Pileus makes that a priority on its platform, with a tagging tool that helps enforce tagging policies.

“My team and I spent many sleepless nights working on this solution,” says Pileus CEO Roni Karp. “We’re thrilled to finally be able to unleash Pileus to the masses and help everyone gain more efficiency of their cloud experience while helping them understand their usage and costs better than ever before.”

Pileus currently offers a free 30-day trial. After that, users can either opt to pay $180/month or $800 per year. At those prices, the service isn’t exactly useful until your cloud spend is significantly more than that, of course.

The company isn’t just focused on individual businesses, though. It’s also targeting managed service providers that can use the platform to create reports and manage their own customer billing. Karp believes this will become a significant source of revenue for Pileus because “there are not many good tools in the field today, especially for Azure.”

It’s no secret that Pileus is launching into a crowded market, where well-known incumbents like Cloudability already share mindshare with a growing number of startups. Karp, however, believes that Pileus can stand out, largely because of its machine learning platform and its ability to provide users with immediate value, whereas, he argues, it often takes several weeks for other platforms to deliver results.

Read Full Article

EfficientDet: Towards Scalable and Efficient Object Detection

Posted by Mingxing Tan, Software Engineer and Adams Yu, Research Scientist, Google Research

As one of the core applications in computer vision, object detection has become increasingly important in scenarios that demand high accuracy, but have limited computational resources, such as robotics and driverless cars. Unfortunately, many current high-accuracy detectors do not fit these constraints. More importantly, real-world applications of object detection are run on a variety of platforms, which often demand different resources. A natural question, then, is how to design accurate and efficient object detectors that can also adapt to a wide range of resource constraints?

In “EfficientDet: Scalable and Efficient Object Detection”, accepted at CVPR 2020, we introduce a new family of scalable and efficient object detectors. Building upon our previous work on scaling neural networks (EfficientNet), and incorporating a novel bi-directional feature network (BiFPN) and new scaling rules, EfficientDet achieves state-of-the-art accuracy while being up to 9x smaller and using significantly less computation compared to prior state-of-the-art detectors. The following figure shows the overall network architecture of our models.

EfficientDet architecture. EfficientDet uses EfficientNet as the backbone network and a newly proposed BiFPN feature network.

Model Architecture Optimizations
The idea behind EfficientDet arose from our effort to find solutions to improve computational efficiency by conducting a systematic study of prior state-of-the-art detection models. In general, object detectors have three main components: a backbone that extracts features from the given image; a feature network that takes multiple levels of features from the backbone as input and outputs a list of fused features that represent salient characteristics of the image; and the final class/box network that uses the fused features to predict the class and location of each object. By examining the design choices for these components, we identified several key optimizations to improve performance and efficiency:

Previous detectors mainly rely on ResNets, ResNeXt, or AmoebaNet as backbone networks, which are all either less powerful or have lower efficiency than EfficientNets. By first implementing an EfficientNet backbone, it is possible to achieve much better efficiency. For example, starting from a RetinaNet baseline that employs ResNet-50 backbone, our ablation study shows that simply replacing ResNet-50 with EfficientNet-B3 can improve accuracy by 3% while reducing computation by 20%.

Another optimization is to improve the efficiency of the feature networks. While most previous detectors simply employ a top-down feature pyramid network (FPN), we find top-down FPN is inherently limited by the one-way information flow. Alternative FPNs, such as PANet, add an additional bottom-up flow at the cost of more computation. Recent efforts to leverage neural architecture search (NAS) discovered the more complex NAS-FPN architecture. However, while this network structure is effective, it is also irregular and highly optimized for a specific task, which makes it difficult to adapt to other tasks.

To address these issues, we propose a new bi-directional feature network, BiFPN, which incorporates the multi-level feature fusion idea from FPN/PANet/NAS-FPN that enables information to flow in both the top-down and bottom-up directions, while using regular and efficient connections.

A comparison between our BiFPN and previous feature networks. Our BiFPN allows features (from the low resolution P3 levels to high-resolution P7 levels) to repeatedly flow in both top-down and bottom-up ways.

To improve the efficiency even more, we propose a new fast normalized fusion technique. Traditional approaches usually treat all features input to the FPN equally, even those with different resolutions. However, we observe that input features at different resolutions often have unequal contributions to the output features. Thus, we add an additional weight for each input feature and allow the network to learn the importance of each. We also replace all regular convolutions with less expensive depthwise separable convolutions. With these optimizations, our BiFPN further improves the accuracy by 4%, while reducing the computation cost by 50%.

A third optimization involves achieving better accuracy and efficiency trade-offs under different resource constraints. Our previous work has shown that jointly scaling the depth, width and resolution of a network can significantly improve efficiency for image recognition. Inspired by this idea, we propose a new compound scaling method for object detectors, which jointly scales up the resolution/depth/width. Each network component, i.e., backbone, feature, and box/class prediction network, will have a single compound scaling factor that controls all scaling dimensions using heuristic-based rules. This approach enables one to easily determine how to scale the model by computing the scaling factor for the given target resource constraints.

Combining the new backbone and BiFPN, we first develop a small-size EfficientDet-D0 baseline, and then apply a compound scaling to obtain EfficientDet-D1 to D7. Each consecutive model has a higher compute cost, covering a wide range of resource constraints from 3 billion FLOPs to 300 billion FLOPS, and provides higher accuracy.

Model Performance
We evaluate EfficientDet on the COCO dataset, a widely used benchmark dataset for object detection. EfficientDet-D7 achieves a mean average precision (mAP) of 52.2, exceeding the prior state-of-the-art model by 1.5 points, while using 4x fewer parameters and 9.4x less computation.

EfficientDet achieves state-of-the-art 52.2 mAP, up 1.5 points from the prior state of the art (not shown since it is at 3045B FLOPs) on COCO test-dev under the same setting. Under the same accuracy constraint, EfficientDet models are 4x-9x smaller and use 13x-42x less computation than previous detectors.

We have also compared the parameter size and CPU/GPU latency between EfficientDet and previous models. Under similar accuracy constraints, EfficientDet models are 2x-4x faster on GPU, and 5x-11x faster on CPU than other detectors.

While the EfficientDet models are mainly designed for object detection, we also examine their performance on other tasks, such as semantic segmentation. To perform segmentation tasks, we slightly modify EfficientDet-D4 by replacing the detection head and loss function with a segmentation head and loss, while keeping the same scaled backbone and BiFPN. We compare this model with prior state-of-the-art segmentation models for Pascal VOC 2012, a widely used dataset for segmentation benchmark.

EfficientDet achieves better quality on Pascal VOC 2012 val than DeepLabV3+ with 9.8x less computation, under the same setting without COCO pre-training.

Open Source
Given their exceptional performance, we expect EfficientDet could serve as a new foundation of future object detection related research, and potentially make high-accuracy object detection models practically useful for many real-world applications. Therefore, we have open sourced all the code and pretrained model checkpoints on this github link.

Acknowledgements
Thanks to the paper co-authors Ruoming Pang and Quoc V. Le. We thank Daiyi Peng, Golnaz Ghiasi, Tianjian Meng for their help on infrastructure and discussion. We also thank Adam Kraft, Barret Zoph, Ekin D. Cubuk, Hongkun Yu, Jeff Dean, Pengchong Jin, Samy Bengio, Tsung-Yi Lin, Xianzhi Du, Xiaodan Song, and the Google Brain team.

WorldGaze uses smartphone cameras to help voice AIs cut to the chase

If you find voice assistants frustratingly dumb, you’re hardly alone. The much-hyped promise of AI-driven vocal convenience very quickly falls through the cracks of robotic pedantry.

A smart AI that has to come back again (and sometimes again) to ask for extra input to execute your request can seem especially dumb — when, for example, it doesn’t get that the most likely repair shop you’re asking about is not any one of them but the one you’re parked outside of right now.

Researchers at the Human-Computer Interaction Institute at Carnegie Mellon University, working with Gierad Laput, a machine learning engineer at Apple, have devised a demo software add-on for voice assistants that lets smartphone users boost the savvy of an on-device AI by giving it a helping hand — or rather a helping head.

The prototype system makes simultaneous use of a smartphone’s front and rear cameras to be able to locate the user’s head in physical space, and more specifically within the immediate surroundings — which are parsed to identify objects in the vicinity using computer vision technology.

The user is then able to use their head as a pointer to direct their gaze at whatever they’re talking about — i.e. “that garage” — wordlessly filling in contextual gaps in the AI’s understanding in a way the researchers contend is more natural.

So, instead of needing to talk like a robot in order to tap the utility of a voice AI, you can sound a bit more, well, human. Asking stuff like “‘Siri, when does that Starbucks close?” Or — in a retail setting — “are there other color options for that sofa?” Or asking for an instant price comparison between “this chair and that one.” Or for a lamp to be added to your wish-list.

In a home/office scenario, the system could also let the user remotely control a variety of devices within their field of vision — without needing to be hyper-specific about it. Instead they could just look toward the smart TV or thermostat and speak the required volume/temperature adjustment.

The team has put together a demo video (below) showing the prototype — which they’ve called WorldGaze — in action. “We use the iPhone’s front-facing camera to track the head in 3D, including its direction vector. Because the geometry of the front and back cameras are known, we can raycast the head vector into the world as seen by the rear-facing camera,” they explain in the video.

“This allows the user to intuitively define an object or region of interest using the head gaze. Voice assistants can then use this contextual information to make enquiries that are more precise and natural.”

In a research paper presenting the prototype they also suggest it could be used to “help to socialize mobile AR experiences, currently typified by people walking down the street looking down at their devices.”

Asked to expand on this, CMU researcher Chris Harrison told TechCrunch: “People are always walking and looking down at their phones, which isn’t very social. They aren’t engaging with other people, or even looking at the beautiful world around them. With something like WorldGaze, people can look out into the world, but still ask questions to their smartphone. If I’m walking down the street, I can inquire and listen about restaurant reviews or add things to my shopping list without having to look down at my phone. But the phone still has all the smarts. I don’t have to buy something extra or special.”

In the paper they note there is a long body of research related to tracking users’ gaze for interactive purposes — but a key aim of their work here was to develop “a functional, real-time prototype, constraining ourselves to hardware found on commodity smartphones.” (Although the rear camera’s field of view is one potential limitation they discuss, including suggesting a partial workaround for any hardware that falls short.)

“Although WorldGaze could be launched as a standalone application, we believe it is more likely for WorldGaze to be integrated as a background service that wakes upon a voice assistant trigger (e.g., ‘Hey Siri’),” they also write. “Although opening both cameras and performing computer vision processing is energy consumptive, the duty cycle would be so low as to not significantly impact battery life of today’s smartphones. It may even be that only a single frame is needed from both cameras, after which they can turn back off (WorldGaze startup time is 7 sec). Using bench equipment, we estimated power consumption at ~0.1 mWh per inquiry.”

Of course there’s still something a bit awkward about a human holding a screen up in front of their face and talking to it — but Harrison confirms the software could work just as easily hands-free on a pair of smart spectacles.

“Both are possible,” he told us. “We choose to focus on smartphones simply because everyone has one (and WorldGaze could literally be a software update), while almost no one has AR glasses (yet). But the premise of using where you are looking to supercharge voice assistants applies to both.”

“Increasingly, AR glasses include sensors to track gaze location (e.g., Magic Leap, which uses it for focusing reasons), so in that case, one only needs outwards facing cameras,” he added.

Taking a further leap it’s possible to imagine such a system being combined with facial recognition technology — to allow a smart spec-wearer to quietly tip their head and ask “who’s that?” — assuming the necessary facial data was legally available in the AI’s memory banks.

Features such as “add to contacts” or “when did we last meet” could then be unlocked to augment a networking or socializing experience. Although, at this point, the privacy implications of unleashing such a system into the real world look rather more challenging than stitching together the engineering. (See, for example, Apple banning Clearview AI’s app for violating its rules.)

“There would have to be a level of security and permissions to go along with this, and it’s not something we are contemplating right now, but it’s an interesting (and potentially scary idea),” agrees Harrison when we ask about such a possibility.

The team was due to present the research at ACM CHI — but the conference was canceled due to the coronavirus.

Read Full Article

Instagram rival VSCO lays off 30% of staff to reduce reliance on outside capital

VSCO, the popular photo editing app and Instagram rival, is the latest company to undergo layoffs attributed to the COVID-19 crisis, which has put a strain on venture-backed startups. According to a report from NPR, which was then confirmed by VSCO co-founder and CEO Joel Flory on LinkedIn, the company is laying off around 30% of staff, or 45 of its employees.

Though Flory didn’t reference the COVID-19 outbreak by name, his post described the rapid change to the economy which necessitated the layoffs.

“2020 was staged to be a year where we would continue to forward invest into our business,” Flory wrote. “Overnight our environment changed. We realized that we would need to shift towards running a self-sustaining business.”

In other words, VSCO is anticipating a future where venture capital is less readily available and is making the shift toward running a business that’s no longer reliant on outside capital or funding in order to operate. By laying off a portion of staff, VSCO believes it will be able to sustain its business for many years.

To date, VSCO has raised $90 million in outside funding, and sees its app used by more than 20 million active users per week. However, a smaller portion of those users are customers who pay for a VSCO Membership that offers an expanded array of features, tools, presets and other content. VSCO confirmed to TechCrunch in February 2020 that it had around 2+ million paid subscribers.

Late last year, VSCO had said it was on pace to surpass 4 million paid subscribers by 2020 and was approaching $80 million in annual revenue.

PitchBook data valued the business at $550 million, NPR also reported — a number that’s made the rounds before, as well.

In 2020, VSCO has rolled out several features designed to better support video editing. It gave creators the ability to publish their video edits to the VSCO feed, and last month, for example, launched a more powerful and feature-rich video editing tool called Montage. The latter was meant to grow VSCO’s paid subscriber base, as it requires users to pay in order to save and publish their finished videos.

VSCO’s profile has also been raised beyond its core user base in recent months, after it became associated with a Gen Z meme that circulated on sites like TikTok.

Though perhaps not the marketing the company would have desired, the VSCO girl meme became a way to mock a certain type of girl — one who sports a messy bun, baggy shirts and scrunchies and carries around eco-conscious items like Hydro Flasks or metal straws. VSCO’s app for making your photos look good became associated with this persona, as it’s often used to filter and edit images in order to give them an aesthetic that teenage girls (VSCO girls) supposedly desired.

As for the layoffs, VSCO says its former employees will receive a minimum of seven weeks of severance pay, and a minimum of two months of COBRA health coverage. In terms of equity, VSCO is pro-rating stock option vesting and extending equity exercise periods post-term, it also notes.

Flory’s LinkedIn post additionally offered a way for those interested in hiring the laid-off VSCO employees to reach the company. He said the jobs@vsco.co email address could be used to make inquires about hiring its talent. The company will also be working to provide other job placement resources and support, it says.

“I am deeply saddened to let some incredible people go and am so grateful for everything they’ve done for VSCO and our community,” Flory wrote. “Our mission and vision remain unchanged. Our ability to provide a place for creative expression, inspiration and connection is even more important than ever right now,” he added.

Read Full Article

How to spark your curiosity, scientifically | Nadya Mason

How to spark your curiosity, scientifically | Nadya Mason

Curious how stuff works? Do a hands-on experiment at home, says physicist Nadya Mason. She shows how you can demystify the world around you by tapping into your scientific curiosity -- and performs a few onstage experiments of her own using magnets, dollar bills, dry ice and more.

Click the above link to download the TED talk.

Attentive raises another $40M for mobile messaging, will invest in helping customers respond to COVID-19

Mobile messaging startup Attentive continues to bring in new funding.

The startup raised a $40 million Series B last summer, followed by a $70 million Series C at the beginning of this year. Today it’s announcing that it’s extended the Series C by another $40 million, bringing the total round size to $110 million.

CEO Brian Long (who previously founded TapCommerce with his Attentive co-founder Andrew Jones and sold the company to Twitter) told me that the new funding closed just a week ago. He said the money comes from institutional investors who had wanted to participate in the Series C, but “for whatever reason, the timing didn’t work out.”

Then, as the startup wanted to invest in new areas — particularly in response to the COVID-19 pandemic — Long reached out again. Once they saw Attentive’s numbers for the first quarter of 2020, the firms were willing to invest.

Apparently, the number of new customer sign-ups is only increasing, with Attentive now working with more than 1,000 businesses. Companies like Coach, Urban Outfitters, CB2, PacSun, Lulus and Jack in the Box use the platform to manage their mobile messaging, with tools around adding text message subscribers, creating engaging messages and tracking the results of those campaigns.

And while we’re at the beginning of what’s likely to be a dramatic slowdown in advertising and marketing, Long suggested that even if businesses pull back on acquiring new customers, they’ll still need to maintain a relationship with existing ones.

“CRM is such a critical channel for companies … email and text are the last thing you would shut down,” he said.

Sequoia Capital Global Equities and Coatue are the new investors in the Series C. Sequoia’s venture fund already led (or co-led) the Series C and the Series B, but Long said he was interested in working with the firm’s crossover fund — and with Coatue — partly because they invest in public companies as well.

Not that he has immediate plans for Attentive to go public, but he said, “It just creates optionality,” so that there are fewer financial pressures regardless of the route the company takes.

Other investors in the Series C include IVP, Bain Capital Ventures, NextView Ventures, Eniac Ventures and High Alpha.

“Attentive’s rapid growth is an indicator of how consumers are eager to find a more direct, personalize and efficient channel to interact with businesses,” said Jeff Wang, managing partner at Sequoia Capital Global Equities, in a statement. “We’ve been impressed by how quickly Attentive’s business has scaled, its strong customer momentum, and the expertise of the team. We are thrilled to increase Sequoia’s partnership with Attentive through our Global Equities fund.”

As for how Attentive is responding to COVID-19, the startup plans to create funds to help customers navigate the economic fallout. There will be more details released in the coming weeks, but Long said the idea is to launch funds focused on the e-commerce/retail, food/beverage and educational sectors, providing free access to Attentive tools and services “to help those companies get recharged.”

Long added that he hopes to grow Attentive’s headcount from 260 employees to more than 400 by the end of this year.

Mobile messaging startup Attentive raises another $70M

Read Full Article

Scanwell begins 1,000 person study for at-home antibody test for COVID-19

At-home antibody testing for COVID-19 is the subject of ample debate among the scientific and medical community, with some seeing it as a necessary step in the process of selectively re-opening parts of the economy through verification of individuals with immunity within the community, and others debating the accuracy and efficacy of currently available testing methods. Regardless of which side you’re on, it remains true that further testing is needed, and startup Scanwell has begun a sizeable study for its at-home antibody test, while it continues to work with the FDA on emergency use authorization for the diagnostic.

Scanwell is working with the state of North Carolina and Raleigh-based Wake Forest Baptist Health to distribute 1,000 of its at-home antibody test kits to a random sampling of citizens, funded in part by $100,000 from the state legislature. The sample population, chosen from the patient pool of Wake Forest Baptist Health’s system, and meant to be a statistically representative snapshot of the larger population, will get a finger-prick blood sample collection kit by mail, every month for a full year, in order to hopefully track the virus and immunity over time.

The Scanwell test can only be used for research purposes at this time, since it hasn’t yet received an emergency use authorization by the FDA. The FDA has so far specifically not authorized any at-home tests for COVID-19, including those supported by telemedicine, but it has recently updated its guidance to note that it “sees the public health value in expanding the availability of COVID-19 testing through safe and accurate tests that may include home collection,” and it says it is in the process of actively pursuing the development of tests that fit that profile in partnership with diagnostic companies.

LA-based Scanwell Health, which already provides at-home diagnostics for detecting UTIs, announced its work on securing FDA authorization for use of its at-home serological antibody test last month. The test kits can provide results in as little as 15 minutes once they’re received by diagnostic labs, but questions have been raised about the general accuracy of antibody testing overall regarding COVID-19, and there’s still some debate about the nature and duration of post-infection immunity for people who have contracted and recovered from the virus.

Better understanding immunity and who has recovered are key ingredients in any attempt to gradually relax isolation restrictions, so immunity testing is a core component that. It’s something that will be needed at scale, along with infection testing through existing molecular testing methods, and contact tracing, like the system being put in place through Apple and Google.

Read Full Article

How to Spot and Avoid COVID-19 Pandemic Phishing Scams

Phishing scams are always circulating. Scammers and hackers update their phishing strategies to fit the current news cycle to make their phishing attempts more believable. The current glut of phishing attacks focus on one thing: the COVID-19 pandemic.

Here’s how you spot a COVID-19 phishing scam and how to stay safe online during the pandemic.

How to Spot a COVID-19 Phishing Scam

The coronavirus pandemic is affecting every country in different ways. The online world, however, is still largely open for business. With that comes the threat of hackers, scammers, phishing campaigns, and malware. Just because COVID-19 is forcing people to stay home doesn’t mean that the scammers are also taking a break.

Instead, phishing campaigns are now preying on the fears of people at home, worrying about COVID-19. Scammers are deploying a range of coronavirus phishing tactics, such as “following the links for a cure,” COVID-19 tax refunds and rebates, fake health organization updates, and more.

The difficulty is, as ever, separating the digital wheat from the phishing chaff. So, here are seven coronavirus phishing scam examples you should watch out for.

1. You Might Be Infected

The security researchers over at KnowBe4 spotted a pandemic phishing scam advising potential victims that they are infected. The emails usually carry a subject line such as “COVID-19 CONTACT,” and the phishing email content suggests the reader has come into contact with a confirmed coronavirus case.

To lend the coronavirus phishing email authority, the name of a real-world hospital is used in the signature. The email also comes with a malicious Microsoft Excel attachment posing as a pre-filled hospital form. If the user enables editing in the Excel document, a macro will run, which will download and install a backdoor Trojan.

2. COVID-19 Tax Rebate or Refund

As countries scramble to contain and mitigate the pandemic, scammers are using the prospect of tax relief for individuals and businesses to launch phishing campaigns. The subject matter and style of an email depends on your locale.

In the US, COVID-19 phishing emails carrying the official IRS logo and other seemingly legitimate features are circulating. The email subject line usually contains something like “Stimulus Check,” “Stimulus Payment,” or “COVID-19 Bailout Money.” Plus, the email text will emphasize words like “stimulus,” as well as ask for payment information, to verify the check over the phone, or for other personally identifying information.

The IRS does not and will not contact taxpayers in this manner.

Scammers aren’t taking a COVID-19 break. Be on the lookout for emails, text messages, websites and social media phishing attempts that request money or personal information. To learn more, go to https://t.co/vDM8Y5xCuZ. #COVIDreliefIRS #IRS pic.twitter.com/t5kKeqBBEe

— IRS (@IRSnews) April 9, 2020

“We urge people to take extra care during this period. The IRS isn’t going to call you asking to verify or provide your financial information so you can get an economic impact payment or your refund faster,” said IRS Commissioner Chuck Rettig. “That also applies to surprise emails that appear to be coming from the IRS. Remember, don’t open them or click on attachments or links. Go to IRS.gov for the most up-to-date information.”

It is a similar situation in the UK. After the British government announced that it would contact taxpayers directly to confirm wage assistance schemes and payments, several pandemic phishing emails carrying the official UK government branding began circulating.

Following the link in the phishing email takes you to a website that also carries the official UK government branding. The victim is encouraged to enter their credentials to receive the payment or disclose other personally identifying information.

3. Fake Updates from Health Organizations

As so many health organizations are releasing and updating their active data, there is a steady flow of new information hitting most of us at all times. The difficulty is sifting through the reams of health data to find out which organizations to trust.

If you’re finding it difficult to find a trustworthy source, check out the best COVID-19 health news outlets for the latest updates.

Adding to the confusion are phishing emails containing seemingly accurate news updates. The scammers often use the latest news updates to create an email subject line that mimics the real world, adding authority and authenticity to the scam. It might also contain a chart or other data copied from a health organization site, too.

The following example was spotted by Proofpoint:

fake health organization covid 19 phishing

However, the email will also feature a link to an external site that will ask for personal data of some kind. Alternatively, the fake health news email will come with an attachment featuring a macro downloader that will install malware on the victim’s computer.

Staying abreast of the latest coronavirus news is important. But you should only engage with news on trusted websites or news outlets, rather than a random email appearing in your inbox.

One option is to use the Google COVID-19 microsite, The Keyword, which filters and analyses fake news relating to the pandemic. Other social media services are also combating the rise in fake pandemic news.

4. COVID-19 Safety Measures or Tricks

At some point, you’ve probably seen an advert carrying the line, “Do X with this one neat trick,” followed by the now-classic meme, “Doctors hate him!” Well, some coronavirus phishing campaigns are using a similar style.

The fake safety measures are often used in conjunction with a fake update from a health organization (see the previous section) to suggest that a doctor or healthcare professional is making the statement.

Content-wise, the email subject matter may contain something similar to “Coronavirus 2020—Safety Tips,” or “SARS-CoV-2 2020 Safety Advice from [health organization].” The email will contain an attachment purporting to list the new and amazing coronavirus safety measures. In reality, it is a phishing document that will install malware.

5. Donate Now to Help the Fight Against Coronavirus

We continue to receive a high volume of reports about fake emails being used to solicit donations to the NHS.

The NHS will never ask you to send money directly to a bank account, or make a payment using Bitcoin.

Follow our advice to stay safe online.#coronavirusfrauds pic.twitter.com/hxtaJ3AOFr

— Action Fraud (@actionfrauduk) April 9, 2020

Another classic phishing tactic, and one that pulls at the heartstrings.

The number of healthcare professionals battling COVID-19 is causing difficulties in the procurement of enough personal protective equipment (PPE). While this absolutely is an issue in facilities around the world, the doctors and nurses are not emailing you directly and asking for a donation.

Furthermore, they’re certainly not emailing you and asking for a donation toward their PPE in Bitcoin, to be sent to an anonymous Bitcoin wallet, through an unsolicited email.

Although the Tweet above comes from Action Fraud UK, the same tactic is in use in every country.

6. Offering Discount Personal Protective Equipment

Following on from phishing emails asking for donations towards PPE, you might also encounter phishing emails offering you the chance to purchase discount personal protective equipment, too.

These phishing emails are most likely to offer up protective facemasks, hand sanitizer, or other items that have been difficult to source in certain countries. The phishing email usually contains countless spelling and grammatical errors, will have very little real information, and will contain a picture copied from a Google Image search.

The phishing attempt could also contain a link to an e-commerce phishing portal, or a document listing the products as an attachment. The e-commerce portal will steal your banking information and potentially install malware, while the product listing document is likely a malware downloader and installer.

7. Targeting Those Working from Home

The number of people working from home is skyrocketing due to the pandemic. Those that can work from home are likely extremely grateful for their ongoing employment status. However, the downside is that scammers are using phishing emails focusing on those workers.

As companies switch from face-to-face communication to using email, there is the chance that a phishing email with a spoofed email address could slip through your defenses.

The difficulty for many individuals is the lack of specific training on how to spot and reject phishing emails. Some firms will have trained their employees in online security. Others will have only read about what phishing is online.

Others still will simply have no clue.

Phishing emails targeting people working from home will attempt to spoof internal emails. Scammers may attempt to mimic a human resources department or billing department for a major firm.

Spear phishing is a particular concern for people working from home.

Where a regular phishing campaign uses more of a scattergun approach, spear phishing targets an individual. The content of the phishing emails is extremely convincing, relates specifically to you and the organization you work for (or a charity you’re involved with, and so on), and will usually appear to come from within your workplace.

How to Protect Yourself From COVID-19 Phishing Attacks

Protecting yourself from coronavirus phishing attacks isn’t as difficult as it might seem. Despite the number of phishing emails spiking by over 650%, according to Barracuda Networks, most of the phishing content isn’t particularly sophisticated.

That said, vigilance is key. Here’s how you protect yourself from coronavirus phishing:

Email Links. Do not click on links in emails. If you must click a link, check the URL first. You can hover your mouse cursor over the link, and it will display the address. Is it where you expect the link to go? Does the URL match the name of the organization allegedly emailing you? If you’re unsure, copy and paste the URL into NameCheck’s phishing checker. It’ll give you an instant confirmation if the URL is malicious.
Refuse Email Attachments. Most phishing emails contain a malicious email attachment. The email attachment downloads and installs malware, which in turn will steal data or otherwise. Learn how you can spot and block malicious email attachments.
Too Good to Be True. If the content of the email sounds too good to be true, it probably is. That means it is highly unlikely you are receiving your tax rebate weeks ahead of your neighbor. You most likely have not been singled out to receive a super special deal on N95 respirators. There are not 15 free cases of toilet roll waiting for your collection, if only you could make a deposit. The list goes on, but you get the gist.
Request for Data. Is someone asking you for private information? In an email, you received out of the blue? Don’t give them any of your personal data or information. Email spoofing is a popular phishing technique, and you can learn how to spot it.
Double-Check. Following on from the request for data, you can always double-check the information in the email is correct. If the suspect email comes from a health organization, complete an internet search to check its veracity. Similarly, when an email asks for a donation towards a specific cause, find out if the charity even exists. A cursory internet search can often help stop most phishing attacks before they begin.
Install an Antivirus and Anti-malware. You need a line or two of defense to help you out. Consider installing an antivirus suite to protect your online activities. You could also consider installing an anti-malware solution, like Malwarebytes. This comes in two flavors: free or premium. And before you ask, yes, Malwarebytes Premium is worth the outlay.

Avoid Coronavirus Phishing and Stay Safe Online

The rise in phishing emails is unprecedented. Criminals are taking full advantage of COVID-19 in an attempt to scam as many people as possible. If you follow the tips and maintain your online vigilance, you’ll remain secure.

Staying safe is important. But entertainment is important, too, so check this extensive list of self-isolation tips, tricks, and entertainment options.

Read the full article: How to Spot and Avoid COVID-19 Pandemic Phishing Scams

Read Full Article

Digital mapping of coronavirus contacts will have key role in lifting Europe’s lockdown, says Commission

The European Commission has set out a plan for co-ordinating the lifting of regional coronavirus restrictions that includes a role for digital tools — in what the EU executive couches as “a robust system of reporting and contact tracing”. However it has reiterated that such tools must “fully respect data privacy”.

Last week the Commission made a similar call for a common approach to data and apps for fighting the coronavirus, emphasizing the need for technical measures to be taken to ensure that citizens’ rights and freedoms aren’t torched in the scramble for a tech fix.

Today’s toolbox of measures and principles is the next step in its push to coordinate a pan-EU response.

“Responsible planning on the ground, wisely balancing the interests of protection of public health with those of the functioning of our societies, needs a solid foundation. That’s why the Commission has drawn up a catalogue of guidelines, criteria and measures that provide a basis for thoughtful action,” said EC president Ursula von der Leyen, commenting on the full roadmap in a statement.

“The strength of Europe lies in its social and economic balance. Together we learn from each other and help our European Union out of this crisis,” she added.

Harmonized data gathering and sharing by public health authorities — “on the spread of the virus, the characteristics of infected and recovered persons and their potential direct contacts” — is another key plank of the plan for lifting coronavirus restrictions on citizens within the 27 Member State bloc.

While ‘anonymized and aggregated’ data from commercial sources — such as telcos and social media platforms — is seen as a potential aid to pandemic modelling and forecasting efforts, per the plan.

“Social media and mobile network operators can offer a wealth of data on mobility, social interactions, as well as voluntary reports of mild disease cases (e.g. via participatory surveillance) and/or indirect early signals of disease spread (e.g. searches/posts on unusual symptoms),” it writes. “Such data, if pooled and used in anonymised, aggregated format in compliance with EU data protection and privacy rules, could contribute to improve the quality of modelling and forecasting for the pandemic at EU level.”

The Commission has been leaning on telcos to hand over fuzzy metadata for coronavirus modelling which it wants done by the EU’s Joint Research Centre. It wrote to 19 mobile operators last week to formalize its request, per Euractiv, which reported yesterday that its aim is to have the data exchange system operational ‘as soon as possible’ — with the hope being it will cover all the EU’s member states.

Other measures included in the wider roadmap are the need for states to expand their coronavirus testing capacity and harmonize tesing methodologies — with the Commission today issuing guidelines to support the development of “safe and reliable testing”.

Steps to support the reopening of internal and external EU borders is another area of focus, with the executive generally urging a gradual and phased lifting of coronavirus restrictions.

On contacts tracing apps specifically, the Commission writes:

“Mobile applications that warn citizens of an increased risk due to contact with a person tested positive for COVID-19 are particularly relevant in the phase of lifting containment measures, when the infection risk grows as more and more people get in contact with each other. As experienced by other countries dealing with the COVID-19 pandemic, these applications can help interrupt infection chains and reduce the risk of further virus transmission. They should thus be an important element in the strategies put in place by Member States, complementing other measures like increased testing capacities.

“The use of such mobile applications should be voluntary for individuals, based on users’ consent and fully respecting European privacy and personal data protection rules. When using tracing apps, users should remain in control of their data. National health authorities should be involved in the design of the system. Tracing close proximity between mobile devices should be allowed only on an anonymous and aggregated basis, without any tracking of citizens, and names of possibly infected persons should not be disclosed to other users. Mobile tracing and warning applications should be subject to demanding transparency requirements, be deactivated as soon as the COVID-19 crisis is over and any remaining data erased.”

“Confidence in these applications and their respect of privacy and data protection are paramount to their success and effectiveness,” it adds.

Earlier this week Apple and Google announced a collaboration around coronavirus contracts tracing — throwing their weight behind a privacy-sensitive decentralized approach to proximity tracking that would see ephemeral IDs processed locally on devices, rather than being continually uploaded and held on a central server.

A similar decentralized infrastructure for Bluetooth-based COVID-19 contacts tracing had already been suggested by a European coalition of privacy and security experts, as we reported last week.

While a separate coalition of European technologists and researchers has been pushing a standardization effort for COVID-19 contacts tracing that they’ve said will support either centralized or decentralized approaches — in the hopes of garnering the broadest possible international backing.

For its part the Commission has urged the use of technologies such as decentralization for COVID-19 contacts tracing to ensure tools align with core EU principles for handling personal data and safeguarding individual privacy, such as data minimization.

However governments in the region are working on a variety of apps and approaches for coronavirus contacts tracing that don’t all look as if they will check a ‘rights respecting’ box…

Poland advertised a new product to enforce #coronavirus #COVID19 quarantaine? Electronic bracelet equipped with geolocation sensor (and a microphone, apparently), for "constant monitoring instead of random checks". https://t.co/WipDJDnLK8 pic.twitter.com/ormYjM1EyJ

— Lukasz Olejnik (@lukOlejnik) April 14, 2020

In a video address last week, Europe’s lead privacy regulator, the EDPS, intervened to call for a “panEuropean model ‘COVID-19 mobile application’, coordinated at EU level” — in light of varied tech efforts by Member States which involve the processing of personal data for a claimed public health purpose.

“The use of temporary broadcast identifiers and bluetooth technology for contact tracing seems to be a useful path to achieve privacy and personal data protection effectively,” said Wojciech Wiewiórowski on Monday week. “Given these divergences, the European Data Protection Supervisor calls for a panEuropean model “COVID-19 mobile application”, coordinated at EU level. Ideally, coordination with the World Health Organisation should also take place, to ensure data protection by design globally from the start.”

The Commission has not gone so far in today’s plan — calling instead for Member States to ensure their own efforts align with the EU’s existing data protection framework.

Though its roadmap is also heavy on talk of the need for “coordination between Member States, to avoid negative effects” — dubbing it “a matter of common European interest”. But, for now, the Commission has issued a list of recommendations; it’s up to Member States to choose to fall in behind them or not.

With the caveat that EU regulators are watching very carefully how states’ handle citizens’ data.

“Legality, transparency and proportionality are essential for me,” warned Wiewiórowski, ending last week’s intervention on the EU digital response to the coronavirus with a call for “digital solidarity, which should make data working for all people in Europe and especially for the most vulnerable” — and a cry against “the now tarnished and discredited business models of constant surveillance and targeting that have so damaged trust in the digital society”.

Read Full Article

Digital mapping of coronavirus contacts will have key role in lifting Europe’s lockdown, says Commission

Today’s toolbox of measures and principles is the next step in its push to coordinate a pan-EU response.

“The strength of Europe lies in its social and economic balance. Together we learn from each other and help our European Union out of this crisis,” she added.

Steps to support the reopening of internal and external EU borders is another area of focus, with the executive generally urging a gradual and phased lifting of coronavirus restrictions.

On contacts tracing apps specifically, the Commission writes:

“Confidence in these applications and their respect of privacy and data protection are paramount to their success and effectiveness,” it adds.

A similar decentralized infrastructure for Bluetooth-based COVID-19 contacts tracing had already been suggested by a European coalition of privacy and security experts, as we reported last week.

However governments in the region are working on a variety of apps and approaches for coronavirus contacts tracing that don’t all look as if they will check a ‘rights respecting’ box…

Poland advertised a new product to enforce #coronavirus #COVID19 quarantaine? Electronic bracelet equipped with geolocation sensor (and a microphone, apparently), for "constant monitoring instead of random checks". https://t.co/WipDJDnLK8 pic.twitter.com/ormYjM1EyJ

— Lukasz Olejnik (@lukOlejnik) April 14, 2020

The Commission has not gone so far in today’s plan — calling instead for Member States to ensure their own efforts align with the EU’s existing data protection framework.

With the caveat that EU regulators are watching very carefully how states’ handle citizens’ data.

Read Full Article

Google announces a Journalism Emergency Relief Fund for local newsrooms

Google is offering financial support to local newsrooms hit by the economic fallout of the COVID-19 pandemic, as part of its Google News Initiative.

The company isn’t disclosing the size of what it’s calling its Journalism Emergency Relief Fund, but in a blog post, Google VP of News Richard Gingras said the goal is to fund “thousands of small, medium and local news publishers globally,” through awards ranging from “low thousands of dollars for small hyper-local newsrooms to low tens of thousands for larger newsrooms, with variations per region.”

“Local news is a vital resource for keeping people and communities connected in the best of times,” Gingras said. “Today, it plays an even greater function in reporting on local lockdowns or shelter at home orders, school and park closures, and data about how COVID-19 is affecting daily life. But that role is being challenged as the news industry deals with job cuts, furloughs and cutbacks as a result of the economic downturn prompted by COVID-19.”

Applications for funding open now. They will be open for two weeks, at 11:59pm Pacific time on April 29.

Gingras also said Google.org will be donating $1 million total to two organizations supporting journalists, the International Center for Journalists and the Columbia Journalism School’s Dart Center for Journalism and Trauma.

The Google News Initiative (a broader effort to support journalism with an initial $300 million in funding) previously announced that it would be spending $6.5 million to support fact checkers and nonprofits that are working to fight coronavirus-related misinformation, funding that’s already led to tools like the COVID-19 Case Mapper.

Facebook has also said it’s committing $100 million ($25 million in grant funding for local coverage, plus $75 million in marketing) to support local news organizations in response to the current crisis.

Read Full Article

How to Bundle your React App in a Single File

When you create a production build for your React App, the output folder contains the main index.html file and associated JavaScript and CSS files are added in the /static/js and /static/css folders respectively.

If you are to combine all these JS and CSS files of React App in a single bundle, you can use gulp. Here’s how:

Go to the command line and install the gulp packages as dev dependencies in your package.json file.

npm install --save-dev gulp gulp-inline-source gulp-replace

Next, create a .env file in your project root folder and set the following environment variable to disable source maps.

INLINE_RUNTIME_CHUNK=false
GENERATE_SOURCEMAP=false
SKIP_PREFLIGHT_CHECK=true

Next, create a gulpfile.js file in the root folder.

const gulp = require('gulp')
const inlinesource = require('gulp-inline-source')
const replace = require('gulp-replace')

gulp.task('default', () => {
    return gulp.src('./build/*.html')
        .pipe(replace('.js"></script>', '.js" inline></script>'))
        .pipe(replace('rel="stylesheet">', 'rel="stylesheet" inline>'))
        .pipe(inlinesource({
            compress: false,
            ignore: ['png']
        }))
        .pipe(gulp.dest('./build'))
});

The gulp task will add the inline attribute to the <script> and the <link> tags. The inlinesource module will read these inline attributes in the html file and replace them with the actual content of the corresponding files.

Run npm run build or npx react-scripts build to create an optimized production build for your React App and then run the command npx gulp to bundle all the JS and CSS files in the static build folder into the single main html file.

How to Update the Library Version in Google Script

This guide explains how you can update the library version in your Google Script. It is specifically written for File Upload Forms but the steps are similar for any Apps Script Projects.

Open the Google Sheet associated with your form and go to Tools > Script Editor.

Inside the Script Editor, go to the Resources menu and choose Libraries

You’ll see a list of libraries used by your Google Script project. For the FormsApp library, open the Version dropdown and choose the highest version of the library. Click the Save button to upgrade your project to the new library.

Next, go to the Publish menu and choose Deploy as Web App.

Choose a new project version and click update to publish a new version of your Apps Script web app.

Your Google Script project is now updated to use the latest version of the included libraries.

OnePlus Unveils the OnePlus 8 and OnePlus 8 Pro Android Smartphones

OnePlus has built a reputation for producing some of the most reliable and high-end Android phones, giving much-needed competition for Samsung.

Fortunately, then, the company has unveiled its latest flagship devices; the OnePlus 8 and the OnePlus 8 Pro.

OnePlus 8

The OnePlus 8 comes equipped with a 6.55-inch 1080×2400 HD display. This edge-to-edge screen is covered in Gorilla Glass for impact protection, too. Previous OnePlus devices featured the controversial notch at the top of the display. However, the OnePlus 8 opts for a small punch hole for the selfie camera, instead.

This front-facing 16MP camera uses the Sony IMX471 sensor. The rear camera uses a three-lens arrangement, a 48MP primary sensor, a 2MP macro lens, and 16MP ultra-wide sensor.

The phone features Bluetooth 5.1, NFC, and GPS. For the first time on a OnePlus device, the OnePlus 8 and 8 Pro both support 5G networks, too.

The OnePlus 8 runs the company’s OxygenOS based on Android 10. There’s an option for either 8GB or 12GB of RAM. The phone uses the Snapdragon 865 CPU and is supported with a 4,300mAh battery.

The OnePlus 8 is available in Glacial Green, Interstellar Glow, and Onyx Black. The base configuration will be available for $799.

OnePlus 8 Pro

Following in the footsteps of other flagship manufacturers, the OnePlus 8 Pro is a larger, more expensive, and more feature-packed edition of the phone.

The device weighs 199g, making it almost 20g heavier than the OnePlus 8. However, this is to accommodate the larger 6.79-inch, 3168×1440 resolution display. To support this, the battery is also larger at 4,510mAh.

The phone shares the same CPU as its smaller sibling and is also available with 8GB or 12GB of RAM. The 48MP rear camera uses the upgraded Sony IMX689 sensor. The ultra-wide lens also receives an upgrade to 48MP.

The OnePlus 8 Pro is also available in Glacial Green and Onyx Black, alongside Ultramarine Blue. The base configuration will be available for $999.

Which Flagship Smartphone Will You Choose?

The OnePlus 8 and OnePlus 8 Pro show that the company wants to position these as flagship devices to rival those from Samsung and Apple. Both phones will be available to order from April 15, 2020 at the OnePlus Store.

It’s also noteworthy that the new smartphones will launch with 5G support. If you are concerned by the latest technology, find out whether 5G is safe or dangerous before investing.

Read the full article: OnePlus Unveils the OnePlus 8 and OnePlus 8 Pro Android Smartphones

Read Full Article

Pages

15 April 2020

How to Spot a COVID-19 Phishing Scam

1. You Might Be Infected

2. COVID-19 Tax Rebate or Refund

3. Fake Updates from Health Organizations

4. COVID-19 Safety Measures or Tricks

5. Donate Now to Help the Fight Against Coronavirus

6. Offering Discount Personal Protective Equipment

7. Targeting Those Working from Home

How to Protect Yourself From COVID-19 Phishing Attacks

Avoid Coronavirus Phishing and Stay Safe Online

OnePlus 8

OnePlus 8 Pro

Which Flagship Smartphone Will You Choose?