15 July 2019

Blackstone is acquiring mobile ad company Vungle


Private equity firm Blackstone just announced that it has reached an agreement to acquire mobile advertising company Vungle.

The companies aren’t disclosing the financial terms, but as part of the transaction, Vungle has also reached a settlement with founder Zain Jaffer, who filed a wrongful termination lawsuit against the company earlier this year.

“As a best-in-class performance marketing platform, Vungle represents a key growth engine for the mobile app ecosystem,” said Blackstone principal Sachin Bavishi in a statement. “Our investment will help deliver on the company’s tremendous growth potential and we look forward to partnering with management to extend Vungle’s strength across mobile gaming and other performance brands.”

Meanwhile, CEO Rick Tallman said the deal will allow the company to “further accelerate Vungle’s mission to be the trusted guide for growth and engagement, transforming how users discover and experience mobile apps.”

Vungle was founded back in 2011, and according to the acquisition release, it’s currently working with 60,000 mobile apps worldwide, serving more than 4 billion video views per month and working with publishers like Rovio, Zynga, Pandora, Microsoft and Scopely.

Jaffer led Vungle as CEO until October 2017, when he was arrested on charges including performing a lewd act upon a child and assault with a deadly weapon. The charges were ultimately dropped, with the San Mateo County District Attorney’s office stating that it “not believe that there was any sexual conduct by Mr. Jaffer that evening,” while “the injuries were the result of Mr. Jaffer being in a state of unconsciousness caused by prescription medication.”

In his lawsuit, Jaffer alleged that after the charges were dropped, “Vungle unfairly and unlawfully sought to destroy my career, blocked my efforts to sell my own shares or transfer shares to family members, and tried to prevent me from purchasing shares in the Company.”

In a statement today, Jaffer said, he is “pleased with the terms of the settlement, which are confidential.” He also commented on the acquisition:

It is extremely gratifying for me to see our early vision, execution and the hard work of so many talented people rewarded like this. From Day 1, Vungle has been at the forefront of the changing advertising landscape. Today, companies of all sizes, and in all industries, are utilizing in-app video ads as an integral part of their customer acquisition strategies.

The acquisition is expected to close later this year. According to Crunchbase, Vungle previously raised more than $25 million from Crosslink Capital, Thomvest Ventures and others.

 


Read Full Article

Facebook’s testimony to congress: Libra will be regulated by Swiss


The head of Facebook’s blockchain subsidiary Calibra David Marcus has released his prepared testimony before congress for tomorrow and Wednesday, explaining that the Libra Association will be regulated by the Swiss government since that’s where it’s headquartered. Meanwhile, he says the Libra Association and Facebook’s Calibra wallet intend to comply will all US tax, anti-money laundering, and anti-fraud laws.

“The Libra Association expects that it will be licensed, regulated, and subject to supervisory oversight. Because the Association is headquartered in Geneva, it will be supervised by the Swiss Financial Markets Supervisory Authority (FINMA)” Marcus writes. “We have had preliminary discussions with FINMA and expect to engage with them on an appropriate regulatory framework for the Libra Association. The Association also intends to register with FinCEN [The U.S. Treasury Department’s Financial Crimes Enforcement Network]  as a money services business.”

Marcus will be defending Libra before the Senate Banking Committee on July 16th and the House Financial Services Committees on July 17th. The House subcomittee’s Rep Maxine Waters has already issued a letter to Facebook and the Libra Association requesting that it halt development and plans to launch Libra in early 2020 “until regulators and Congress have an opportunity to examine these issues and take action.”

The big question is whether Congress is savvy enough to understand Libra to the extent that it can coherently regulate it. Facebook CEO Mark Zuckerberg’s testimonies before Congress last year were rife with lawmakers dispensing clueless or off-topic questions.

Sen. Orin Hatch infamously demanded to know “how do you sustain a business model in which users don’t pay for your service?”, to which Zuckerberg smirked, “Senator, we run ads.” If that concept trips up Congress, it’s hard to imagine it grasping a semi-decentralized stablecoin cryptocurrency that took us 4000 words to properly explain, and a 6-minute video just to summarize.

Attempting to assuage a core concern that Libra is trying to replace the dollar or meddle in financial policy, Marcus writes that “The Libra Association, which will manage the Reserve, has no intention of competing with any sovereign currencies or entering the monetary policy arena. It will work with the Federal Reserve and other central banks to make sure Libra does not compete with sovereign currencies or interfere with monetary policy. Monetary policy is properly the province of central banks

Marcus’ testimony comes days after President Donald Trump tweeted Friday to condemn Libra, claiming thaat “Unregulated Crypto Assets can facilitate unlawful behavior, including drug trade and other illegal activity. Similarly, Facebook Libra’s ‘virtual currency’ will have little standing or dependability. If Facebook and other companies want to become a bank, they must seek a new Banking Charter and become subject to all Banking Regulations, just like other Banks, both National and International.”

TechCrunch asked Facebook for a response Friday, which it declined to provide. However, a Facebook spokesperson noted that the Libra association won’t interact with consumers or operate as a bank, and that Libra is meant to be a complement to the existing financial system.

Regarding how Libra will comply with US anti-money laundering (AML) and know-your-customer (KYC) laws, Marcus explains that “The Libra Association is similarly committed to supporting efforts by regulators, central banks, and lawmakers to ensure that Libra contributes to the fight against money laundering, terrorism financing, and more” Marcus explains. “The Libra Association will also maintain policies and procedures with respect to AML and the Bank Secrecy Act, combating the financing of terrorism, and other national security-related laws, with which its members will be required to comply if they choose to provide financial services on the Libra network”

He argues that “Libra should improve detection and enforcement, not set them back” because cash transactions are frequently used by criminals to avoid law enforcement. “A network that helps move more paper cash transactions—where many illicit activities happen—to a digital network that features regulated on- and off-ramps with proper know-your-customer (KYC) practices, combined with the ability for law enforcement and regulators to conduct their own analysis of on-chain activity, will present an opportunity to increase the efficacy of financial crimes monitoring and enforcement.”

As for Facebook itself, Marcus writes that “The Calibra wallet will comply with FinCEN’s rules for its AML/CFT program and the rules set by the Office of Foreign Assets Control (OFAC) . . . Similarly, Calibra will comply with the Bank Secrecy Act and will incorporate KYC and AML/CFT methodologies used around the world.”

These answers might help to calm finance legal eagles, but I expect much of the questioning from Congress will deal with the far more subjective matter of whether Facebook can be trusted after a decade of broken privacy promises, data leaks, and fake news scandals like Cambridge Analytica.

That’s why I don’t expect the following statement from Marcus about how Facebook has transformed the state of communication will play well with lawmakers that are angry about how those changes impacted society. “We have done a lot to democratize free, unlimited communications for billions of people. We want to help do the same for digital currency and financial services, but with one key difference: We will relinquish control over the network and currency we have helped create.” Congress may interpret ‘democratize’ as ‘screw up’, and not want to see the same happen to money.

Facebook and Calibra may have positive intentions to assist the unbanked who are indeed swindled by banks and money transfer services that levy huge fees against poorer families. But Facebook isn’t acting out of pure altruism here, as it stands to earn money from Libra in three big ways that aren’t mentioned in Marcus’ testimony:

  1. It will earn a share of interest earned on the Libra Reserve of traditional currencies it holds as collateral for Libra that could mount into the billions if Libra becomes popular.
  2. It will see Facebook ad sales grow if merchants seek to do more commerce over the Internet because they can easily and cheaply accept online payments through Libra and therefore put marketing spend into those efficiently-converting channels like Facebook and Google.
  3. It will try to sell additional financial services through Calibra potentially including loans and credit where it could ask users to let it integrate their Facebook data to get a better rate, potentially decreasing defaults and earning Facebook larger margins than other players.

The real-world stakes are much higher here than in photo sharing, and warrant properly regulatory scrutiny. No matter how much Facebook tries to distance itself from ownership of Libra, it started, incubated, and continues to lead the project. If Congress is already convinced “big is bad”, and Libra could make Facebook bigger, that may make it difficult to separate their perceptions of Facebook and Libra in order to assess the currency on its merits and risks.

Below you can read Marcus’ full testimony:

For full details on how Libra works, read our feature story on everything you need to know


Read Full Article

Twitter rolls out its redesigned desktop website with simplified navigation, more features


Twitter’s website is getting a major overhaul. The company has been testing a new version of its desktop website since the beginning of the year, and today the final product is rolling out to the public. The upgraded experience simplifies navigation with a new — and fairly large — left-hand sidebar that directs you to all of Twitter’s key sections, including Notifications, Direct Messages, Explore, Bookmarks, Lists, and more. The site also features an expanded, more inbox-like Direct Messages screen where you can view and respond to conversations in one place; plus easy profile switching, support for more themes, advanced search, and other features.

The popular dark modes, Dim and the very black Lights Out mode, are now supported along with more ways to personalize Twitter through different themes and color options.

But the most noticeable change is the organization and layout of the Twitter home screen itself.

Below: the old Twitter.com

Screen Shot 2019 07 15 at 11.03.41 AMBelow: the new Twitter.com

Twitter Web Dark Mode2

The update is designed to make it easier to move around Twitter. Before, you’d have to click on your Profile icon to access features like Lists, Themes, Settings, and other options. Meanwhile, getting to Moments was available both in this Profile dropdown menu and in the main Twitter navigation at the top of the screen, next to Notifications and Messages.

Screen Shot 2019 07 15 at 11.04.49 AM

Now, Moments is being downgraded to the “More” menu in the redesign — as seen in a test running earlier this summer — and Explore instead gets the top billing. As on mobile, Explore will direct users to more live videos and personalized local moments, says Twitter. This is also where you’ll find Top Trends, while Personalized Trends will be featured on the right-hand sidebar on the home screen. (See above).

In addition, Twitter finally brought the over a year old Bookmarks feature to the desktop’s main navigation.

With the update, the new navigation menu includes: Home, Explore, Notifications, Messages, Bookmarks, Lists, Profile, and then More — the latter, a menu where you’ll find things like Moments, Twitter’s ad tools, Settings, and other features.

The new Compose feature has been slightly tweaked as well, with options to include a photo, GIF, poll or emoji now all in the bottom left — with the emoji button now swapping in for the location button, following Twitter’s decision to make sharing precise location less of a priority, given its lack of use.

Though the new home screen is arguably better-organized, the navigation text itself and the amount of screen real estate it takes up is overly large.

This detracts somewhat from the main content — the tweets themselves — because your eye is naturally drawn to the oversize navigation labels at first, not the posts flowing in the timeline. This can also be a jarring change to get used to for longtime Twitter.com users. (Good thing there’s a new Mac desktop app on the way.)

Screen Shot 2019 07 15 at 11.49.11 AM

If you really can’t stand the navigation labels’ size, you can make the webpage smaller which then hides the text labels of the navigation items, leaving only their icons. This, unfortunately, isn’t all that useful if you like to keep Twitter open in a tab alongside all your other tabs. It works better if you pop out Twitter.com into its own window.

The navigation changes were likely a design choice Twitter made, in part, to simplify the use of its product by more casual users and newcomers.

The company has struggled with user growth throughout its history, even changing how it reports metrics to paint a better picture of its business. Now, you’d have to be almost completely web illiterate to not find your way around the new Twitter.com. But only time will tell what effect this has on growing its user base.

Not all the changes will be as controversial as the new layout, though.

For example, the now double-paned Direct Message section is more welcome as it makes using Messages feel more like the real inbox it often is — with the message list on the left and conversations on the right.

Search got an update, as well, which puts tabs for moving between “Top,” “Latest,” “People,” “Photos,” and “Videos” at the top of the screen, with Advanced Search Filters to the right.

Screen Shot 2019 07 15 at 11.55.49 AM

And for those with multiple Twitter accounts, you can now switch between them from the main navigation. That’s helpful.

Twitter’s tests of the updated design had been rolling out to more people throughout the year — it even tried two different versions for a time. Throughout this process, the company incorporated some of the user feedback it received. For example, the changes to the Messaging screen and the high priority given to Bookmarks were among the requests Twitter addressed.

But generally speaking, Twitter was aiming to deliver a more consistent, seamless experience across both the phone and the web platforms with this update, a company spokesperson told us.

There’s some bad news for old school Twitter.com users — as of this public launch of the redesign, there’s no option for going back to the legacy experience, as there was during the testing period.

Twitter says the upgraded look will begin rolling out globally starting today.

 

 


Read Full Article

‘The Operators’: Understanding your user – The art and science of UI/UX behind Facebook, Google, Mint, and Edmodo

Facebook’s testimony to congress: Libra will be regulated by Swiss


The head of Facebook’s blockchain subsidiary Calibra David Marcus has released his prepared testimony before congress for tomorrow and Wednesday, explaining that the Libra Association will be regulated by the Swiss government since that’s where it’s headquartered. Meanwhile, he says the Libra Association and Facebook’s Calibra wallet intend to comply will all US tax, anti-money laundering, and anti-fraud laws.

“The Libra Association expects that it will be licensed, regulated, and subject to supervisory oversight. Because the Association is headquartered in Geneva, it will be supervised by the Swiss Financial Markets Supervisory Authority (FINMA)” Marcus writes. “We have had preliminary discussions with FINMA and expect to engage with them on an appropriate regulatory framework for the Libra Association. The Association also intends to register with FinCEN [The U.S. Treasury Department’s Financial Crimes Enforcement Network]  as a money services business.”

Marcus will be defending Libra before the Senate Banking Committee on July 16th and the House Financial Services Committees on July 17th. The House subcomittee’s Rep Maxine Waters has already issued a letter to Facebook and the Libra Association requesting that it halt development and plans to launch Libra in early 2020 “until regulators and Congress have an opportunity to examine these issues and take action.”

The big question is whether Congress is savvy enough to understand Libra to the extent that it can coherently regulate it. Facebook CEO Mark Zuckerberg’s testimonies before Congress last year were rife with lawmakers dispensing clueless or off-topic questions.

Sen. Orin Hatch infamously demanded to know “how do you sustain a business model in which users don’t pay for your service?”, to which Zuckerberg smirked, “Senator, we run ads.” If that concept trips up Congress, it’s hard to imagine it grasping a semi-decentralized stablecoin cryptocurrency that took us 4000 words to properly explain, and a 6-minute video just to summarize.

Attempting to assuage a core concern that Libra is trying to replace the dollar or meddle in financial policy, Marcus writes that “The Libra Association, which will manage the Reserve, has no intention of competing with any sovereign currencies or entering the monetary policy arena. It will work with the Federal Reserve and other central banks to make sure Libra does not compete with sovereign currencies or interfere with monetary policy. Monetary policy is properly the province of central banks

Marcus’ testimony comes days after President Donald Trump tweeted Friday to condemn Libra, claiming thaat “Unregulated Crypto Assets can facilitate unlawful behavior, including drug trade and other illegal activity. Similarly, Facebook Libra’s ‘virtual currency’ will have little standing or dependability. If Facebook and other companies want to become a bank, they must seek a new Banking Charter and become subject to all Banking Regulations, just like other Banks, both National and International.”

TechCrunch asked Facebook for a response Friday, which it declined to provide. However, a Facebook spokesperson noted that the Libra association won’t interact with consumers or operate as a bank, and that Libra is meant to be a complement to the existing financial system.

Regarding how Libra will comply with US anti-money laundering (AML) and know-your-customer (KYC) laws, Marcus explains that “The Libra Association is similarly committed to supporting efforts by regulators, central banks, and lawmakers to ensure that Libra contributes to the fight against money laundering, terrorism financing, and more” Marcus explains. “The Libra Association will also maintain policies and procedures with respect to AML and the Bank Secrecy Act, combating the financing of terrorism, and other national security-related laws, with which its members will be required to comply if they choose to provide financial services on the Libra network”

He argues that “Libra should improve detection and enforcement, not set them back” because cash transactions are frequently used by criminals to avoid law enforcement. “A network that helps move more paper cash transactions—where many illicit activities happen—to a digital network that features regulated on- and off-ramps with proper know-your-customer (KYC) practices, combined with the ability for law enforcement and regulators to conduct their own analysis of on-chain activity, will present an opportunity to increase the efficacy of financial crimes monitoring and enforcement.”

As for Facebook itself, Marcus writes that “The Calibra wallet will comply with FinCEN’s rules for its AML/CFT program and the rules set by the Office of Foreign Assets Control (OFAC) . . . Similarly, Calibra will comply with the Bank Secrecy Act and will incorporate KYC and AML/CFT methodologies used around the world.”

These answers might help to calm finance legal eagles, but I expect much of the questioning from Congress will deal with the far more subjective matter of whether Facebook can be trusted after a decade of broken privacy promises, data leaks, and fake news scandals like Cambridge Analytica.

That’s why I don’t expect the following statement from Marcus about how Facebook has transformed the state of communication will play well with lawmakers that are angry about how those changes impacted society. “We have done a lot to democratize free, unlimited communications for billions of people. We want to help do the same for digital currency and financial services, but with one key difference: We will relinquish control over the network and currency we have helped create.” Congress may interpret ‘democratize’ as ‘screw up’, and not want to see the same happen to money.

Facebook and Calibra may have positive intentions to assist the unbanked who are indeed swindled by banks and money transfer services that levy huge fees against poorer families. But Facebook isn’t acting out of pure altruism here, as it stands to earn money from Libra in three big ways that aren’t mentioned in Marcus’ testimony:

  1. It will earn a share of interest earned on the Libra Reserve of traditional currencies it holds as collateral for Libra that could mount into the billions if Libra becomes popular.
  2. It will see Facebook ad sales grow if merchants seek to do more commerce over the Internet because they can easily and cheaply accept online payments through Libra and therefore put marketing spend into those efficiently-converting channels like Facebook and Google.
  3. It will try to sell additional financial services through Calibra potentially including loans and credit where it could ask users to let it integrate their Facebook data to get a better rate, potentially decreasing defaults and earning Facebook larger margins than other players.

The real-world stakes are much higher here than in photo sharing, and warrant properly regulatory scrutiny. No matter how much Facebook tries to distance itself from ownership of Libra, it started, incubated, and continues to lead the project. If Congress is already convinced “big is bad”, and Libra could make Facebook bigger, that may make it difficult to separate their perceptions of Facebook and Libra in order to assess the currency on its merits and risks.

Below you can read Marcus’ full testimony:

For full details on how Libra works, read our feature story on everything you need to know


Read Full Article

48-hour, buy-one-get-one sale — TC Sessions: Enterprise 2019


Every startupper we’ve ever met loves a great deal, and so do we. That’s why we’re celebrating Prime day with a 48-hour flash sale on tickets to TC Sessions: Enterprise 2019, which takes place September 5 at the Yerba Buena Center for the Arts in San Francisco.

We’re talking a classic BOGO — buy-one-get-one — deal that starts today and ends tomorrow, July 16, at 11:59 p.m. (PT). Buy one early-bird ticket ($249) and you get a second ticket for free. But this BOGO goes bye-bye in just 48 hours, so don’t wait. Buy your TC Sessions: Enterprise tickets now and save.

Get ready to join more than 1,000 attendees for a day-long, intensive experience exploring the enterprise colossus — a tech category that generates hundreds of new startups, along with a steady stream of multibillion-dollar acquisitions, every year.

What can you expect at TC Sessions: Enterprise? For starters, you’ll hear TechCrunch editors interview enterprise software leaders, including tech titans, rising founders and boundary-breaking VCs.

One such titan, George Brady — Capital One’s executive VP in charge of tech operations — will join us to discuss how the financial institution left legacy hardware and software behind to embrace the cloud. Quite a journey in such a highly regulated industry.

Our growing speaker roster features other enterprise heavy-hitters, including Aaron Levie, Box co-founder and CEO; Aparna Sinha, Google’s director of product management for Kubernetes and Anthos; Jim Clarke, Intel’s director of quantum hardware; and Scott Farquhar, co-founder and co-CEO of Atlassian.

Looking for in-depth information on technical enterprise topics? You’ll find them in our workshops and breakout sessions. Check out the exhibiting early-stage enterprise startups focused on disrupting, well, everything. Enjoy receptions and world-class networking with other founders, investors and technologists actively building the next generation of enterprise services.

TC Sessions: Enterprise 2019 takes place September 5, and we pack a lot of value into a single day. Double your ROI and take advantage of our 48-hour BOGO sale. Buy your ticket before July 16 at 11:59 p.m. (PT) and get another ticket free. That’s two tickets for one early-bird price. And if that’s not enough value, get this: we’ll register you for a free Expo-only pass to Disrupt SF 2019 for every TC Sessions: Enterprise ticket you purchase (mic drop).

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.


Read Full Article

Week-in-Review: Google’s never-ending autonomous road trip


Hello, weekend readers. This is Week-in-Review, where I give a heavy amount of analysis and/or rambling thoughts on one story while scouring the rest of the hundreds of stories that emerged on TechCrunch this week to surface my favorites for your reading pleasure.

Last week, I talked about how Alexa wasn’t forgetting what you requested because that data was more valuable than one might think.


Photo by Justin Sullivan/Getty Images

The big story

In thinking about what to highlight in this week’s newsletter, I was tempted to talk about Zoom and Apple and Superhuman and the idea that secure communications can get screwed up when consent is bypassed, and I’m sure that’s something I’ll dig into down the road, but what intrigued me most this week was a single factoid from Google’s self-driving unit.

Waymo’s CTO told TechCrunch this week that the company has logged 10 billion miles of autonomous driving in simulation. That means that while you might have seen a physical Waymo vehicle driving past you, the real ground work has been laid in digital spaces that are governed by the laws of game engines.

The idea of simulation-training is hardly new; it’s how we’re building plenty of computer vision-navigated machines right now — hell, plenty of self-driving projects have been built leveraging systems like the traffic patterns in games like Grand Theft Auto. These billions of logged miles are just another type of training data, but they’re also a pretty clear presentation of where self-supervised learning systems could theoretically move, creating the boundaries for a model while letting the system adjust its own rules of operation.

“I think what makes it a good simulator, and what makes it powerful is two things,” Waymo’s CTO Dmitri Dolgov told us. “One [is] fidelity. And by fidelity, I mean, not how good it looks. It’s how well it behaves, and how representative it is of what you will encounter in the real world. And then second is scale.”

Robotics and AV efforts are going to rely more and more on learning the rules of how the laws of the universe operate, but those advances are going to be accompanied by other startups’ desires to build more high visual fidelity understanding of the world

There are plenty of pressures to create copies of Earth. Apple is building more detailed maps with sensor-laden vehicles, AR startups are actively 3D-mapping cities using crowd-sourced data and game engine companies like Unity and Epic Games are building engines that replicate nature’s laws in digital spaces.

This is all to say that we’re racing to recreate our spatial world digitally, but we might just be scratching the surface of the relationship between AI and 3D worlds.

Send me feedback
on Twitter @lucasmtny or email
lucas@techcrunch.com

On to the rest of the week’s news.

(Photo: by Chip Somodevilla/Getty Images)

Trends of the week

Here are a few big news items from big companies, with green links to all the sweet, sweet added context.

  • Trump must unblock his Twitter critics
    Twitter is a consumer product, so politicians using it might feel like it’s their own personal account, but when they use it for political announcements it becomes an official communications channel, and using features like blocking stifles national free speech. So says an NY-based appeals court this week of President Trump’s habit of blocking critics. It’s undoubtedly a ruling that’s going to have far-reaching implications for U.S. political figures that use social media. Read more here.
  • Nintendo switches up the Switch
    The Nintendo Switch arrived on the scene with the bizarre notoriety of being a handheld system that was also a home console, but it’s not enough for the Japanese game company to capture the hybrid market, it’s looking to revisit the success it had back in the peak Nintendo DS days. The company announced the Switch Lite this week, which strips away a number of features for the sake of making a smaller, simpler version of the Nintendo Switch that is handheld-only and sports a longer battery life. Read more here.
  • Google and Amazon bury the home-streaming hatchet
    At long last, one of the stranger passive aggressive fights in the smart home has come to a close. Amazon’s Prime Video is finally available on Google’s Chromecast and YouTube is now on Fire TV after a years-long turf war between the two platforms. Read more here.
  • AT&T maxes out its HBO ambitions
    When AT&T bought HBO, via its Time Warner acquisition, execs made clear that they had acquired a premium product and planned to shift its standing in the market. The company announced this week that it will be launching a new service called HBO Max next year that will bring in new content, including “Friends.” Read more here.

GAFA Gaffes

How did the top tech companies screw up this week? This clearly needs its own section, in order of badness:

  1. Apple nips a security nightmare in the bud:
    [Apple disables Walkie Talkie app due to vulnerability]
  2. Amazon warehouse workers plan strike:
    [Amazon warehouse workers in Minnesota plan to strike on Prime Day over labor practices]

wannacry hero 2 image

Extra Crunch

Our premium subscription service had another great week of deep dives. My colleague Zack Whittaker revisited the WannaCry ransomware that hit in 2017 with a lengthy profile and interviews with the researchers that stopped the malware dead in its tracks. After you dig into that profile, you can check out his Extra Crunch piece that digs further into how security execs and startups can learn from the saga.

What CISOs need to learn from WannaCry

“…There is a good chance that your networks are infected with WannaCry — even if your systems haven’t yet been encrypted. Hankins told TechCrunch that there were 60 million attempted “detonations” of the WannaCry ransomware in June alone. So long as there’s a connection between the infected device and the kill switch domain, affected computers will not be encrypted….”

Here are some of our other top reads this week for premium subscribers. This week, we talked a bit about the future of car ownership and “innovation banking.”

Want more TechCrunch newsletters? Sign up here.


Read Full Article

How Hacking Works


How Hacking Works

Waze now shows road toll prices along your driving route


Navigation app Waze is making getting to where you’re going even easier – or at least more transparent. A new feature rolling out today will show you any tolls along your route, including the actual amount you’re going to pay, across both the U.S. and Canada.

This is above and beyond what you’ll get in most navigation apps, where you might get a visual or text indicator that there is a toll on one of the roads in your path (and you can opt to avoid them if possible) but you won’t know what you’re actually paying. With Waze, you’ll get the amount – sourced from its community of user drivers, rather than direct from the official toll road operators, however, but Waze’s crowd-sourced navigation data often has a leg up on the official source in other cases.

Waze will show you the toll prices up front, too, before the navigation actually gets under way, which is great because that’s when you actually have the opportunity to do something about it, whether it’s scrounging seat cushion change or just choosing to drive a different way.

This will be rolling out beginning today, so keep an eye out if you’re trying to get somewhere in the U.S. or Canada.


Read Full Article

No technical reason to exclude Huawei as 5G supplier, says UK committee


A UK parliamentary committee has concluded there are no technical grounds for excluding Chinese network kit vendor Huawei from the country’s 5G networks.

In a letter from the chair of the Science & Technology Committee to the UK’s digital minister Jeremy Wright, the committee says: “We have found no evidence from our work to suggest that the complete exclusion of Huawei from the UK’s telecommunications networks would, from a technical point of view, constitute a proportionate response to the potential security threat posed by foreign suppliers.”

Though the committee does go on to recommend the government mandate the exclusion of Huawei from the core of 5G networks, noting that UK mobile network operators have “mostly” done so already — but on a voluntary basis.

If it places a formal requirement on operators not to use Huawei for core supply the committee urges the government to provide “clear criteria” for the exclusion so that it could be applied to other suppliers in future.

Reached for a response to the recommendations, a government spokesperson told us: “The security and resilience of the UK’s telecoms networks is of paramount importance. We have robust procedures in place to manage risks to national security and are committed to the highest possible security standards.”

The spokesperson for the Department for Digital, Media, Culture and Sport added: “The Telecoms Supply Chain Review will be announced in due course. We have been clear throughout the process that all network operators will need to comply with the Government’s decision.”

In recent years the US administration has been putting pressure on allies around the world to entirely exclude Huawei from 5G networks — claiming the Chinese company poses a national security risk.

Australia announced it was banning Huawei and another Chinese vendor ZTE from providing kit for its 5G networks last year. Though in Europe there has not been a rush to follow the US lead and slam the door on Chinese tech giants.

In April leaked information from a UK Cabinet meeting suggested the government had settled on a policy of granting Huawei access as a supplier for some non-core parts of domestic 5G networks, while requiring they be excluded from supplying components for use in network cores.

On this somewhat fuzzy issue of delineating core vs non-core elements of 5G networks, the committee writes that it “heard unanimously and clearly” from witnesses that there will still be a distinction between the two in the next-gen networks.

It also cites testimony by the technical director of the UK’s National Cyber Security Centre (NCSC), Dr Ian Levy, who told it “geography matters in 5G”, and pointed out Australia and the UK have very different “laydowns” — meaning “we may have exactly the same technical understanding, but come to very different conclusions”.

In a response statement to the committee’s letter, Huawei SVP Victor Zhang welcomed the committee’s “key conclusion” before going on to take a thinly veiled swiped at the US — writing: “We are reassured that the UK, unlike others, is taking an evidence based approach to network security. Huawei complies with the laws and regulations in all the markets where we operate.”

The committee’s assessment is not all comfortable reading for Huawei, though, with the letter also flagging the damning conclusions of the most recent Huawei Oversight Board report which found “serious and systematic defects” in its software engineering and cyber security competence — and urging the government to monitor Huawei’s response to the raised security concerns, and to “be prepared to act to restrict the use of Huawei equipment if progress is unsatisfactory”.

Huawei has previously pledged to spend $2BN addressing security shortcomings related to its UK business — a figure it was forced to qualify as an “initial budget” after that same Oversight Board report.

“It is clear that Huawei must improve the standard of its cybersecurity,” the committee warns.

It also suggests the government consults on whether telecoms regulator Ofcom needs stronger powers to be able to force network suppliers to clean up their security act, writing that: “While it is reassuring to hear that network operators share this point of view and are ready to use commercial pressure to encourage this, there is currently limited regulatory power to enforce this.”

Another committee recommendation is for the NCSC to be consulted on whether similar security evaluation mechanisms should be established for other 5G vendors — such as Ericsson and Nokia: Two European based kit vendors which, unlike Huawei, are expected to be supplying core 5G.

“It is worth noting that an assurance system comparable to the Huawei Cyber Security Evaluation Centre does not exist for other vendors. The shortcomings in Huawei’s cyber security reported by the Centre cannot therefore be directly compared to the cyber security of other vendors,” it notes.

On the issue of 5G security generally the committee dubs this “critical”, adding that “all steps must be taken to ensure that the risks are as low as reasonably possible”.

Where “essential services” that make use of 5G networks are concerned, the committee says witnesses were clear such services must be able to continue to operate safely even if the network connection is disrupted. Government must ensure measures are put in place to safeguard operation in the event of cyber attacks, floods, power cuts and other comparable events, it adds. 

While the committee concludes there is no technical reason to limit Huawei’s access to UK 5G, the letter does make a point of highlighting other considerations, most notably human rights abuses, emphasizing its conclusion does not factor them in at all — and pointing out: “There may well be geopolitical or ethical grounds… to enact a ban on Huawei’s equipment”.

It adds that Huawei’s global cyber security and privacy officer, John Suffolk, confirmed that a third party had supplied Huawei services to Xinjiang’s Public Security Bureau, despite Huawei forbidding its own employees from misusing IT and comms tech to carry out surveillance of users.

The committee suggests Huawei technology may therefore be being used to “permit the appalling treatment of Muslims in Western China”.


Read Full Article

Petcube’s Bites 2 and Play 2 amuse pets and humans alike with Alexa built-in


Petcube’s original Bites smart treat dispenser and Play pet camera with a built-in laser pointer were great for pet parents who couldn’t always be around to hang out with their furry charges, but the new Bites 2 and Play 2 come with one big new upgrade that make them far more versatile than the original: They both double as Alexa-powered smart speaker devices.

Both the Bites 2 and Play 2 can hear and respond to Alexa requests, with a four-microphone array that in my limited testing actually outperforms the Alexa mics built into my Sonos One and Sonos Beam speakers, which is pretty impressive for devices whose main features are serving up treats and keeping an eye on your pets. That’s on top of the Bites 2 being able to remotely dispense treats for your pet, and the Play 2 providing playtime away from home with a built-in laser pointer you can direct from your phone.

The Bites 2 and Play 2 also feature other improvements, including new wider angle lenses that offer full 180-degree views of your home for more likelihood you’ll spot your pets wandering around, and better Fi-Fi connectivity support with additional 5GHz networking, plus night vision and full HD video. Currently, the field of view is limited to 160-degrees, with an update to follow that will unlock the full 180, but for most users, the 160 FOV is going to show you an entire room and then some.

With the Bites 2, you can also initiate video calls and chat with your pet, though my dog Chelsea basically is just confused by this. It is handy if I need to ask my partner if there’s anything else I’m forgetting to pick up from the store, however. And the treat-flinging feature definitely does appeal to Chelsea, especially now that it’s Alexa-integrated so that I can easily issue a voice command to give her a well-earned reward.

This has actually proven more than just fun – Chelsea suffers from a little bit of separation anxiety, so when we leave our condo she usually spends a few quick minutes complaining audibly with some rather loud barks. But since getting the Petcube Bites 2 to test, I’ve been reinforcing good behavior by reminding her to keep quiet, waiting outside the door and then flinging her a treat or two for her troubles. It’s pretty much done away with the bye-bye barking in just a short time.

The Play 2 doesn’t fling treats, but it does have a built-in laser pointer (which the company says is totally safe for your pets eyes). Chelsea straight up does not understand the laser or even really acknowledge it, so that’s a bit of a miss, but with a friend’s cat this proved an absolute show-stopping feature. I’ve also known dogs previously who loved this, so your mileage may vary, but if you’re unsure it’s probably worth picking up a dollar store laser pointer keychain first to ensure it’s their jam.

The $249 Bites 2 and $199 Play 2 offer a ton of value in just the image and build quality upgrades over their original incarnations, and their basic features are probably plenty enough for doting pet parents. But the addition of Alexa makes these both much more appealing in my opinion, since it essentially bundles an Echo in each device at no extra cost.


Read Full Article

Hackers Threaten Medical IoT Devices: Here’s How to Keep Them Safe


hackers-threat-medical-iot

With so many every day devices connected to the internet, the risk of hacking is always there. But this is an even more serious threat for people who use medical IoT devices.

Here we’ll explain how medical IoT devices are vulnerable to hacking. Then we’ll tell you what steps you should take to keep your devices safe.

What Are Medical IoT Devices?

How to keep your medical IoT devices safe from hackers - stethoscope

You may have heard of the Internet of Things (IoT), a term for gadgets and devices which are connected to the internet, often in the home. Think of smart kettles, smart bulbs, smart speakers, smart TVs, and so on. These devices connect to the internet to send you information via an app on your phone. Or they provide an interface for the internet so you can watch videos or listen to music.

An expanding field is medical IoT, which refers to Internet of Things devices related to healthcare. This includes devices for diabetic patients to monitor their glucose levels or dispense insulin, smart inhalers for asthmatics, some artificial pacemakers, and smart contact lenses. It even includes the Apple Watch which tracks health indicators like heart rate.

These devices help many people and are particularly useful for allowing doctors to monitor patients remotely. In the case of smart drug delivery devices, they can also make sure people get the right amount of medication they need on time.

Why Are These Devices at Risk From Hackers?

It’s a scary thought, but medical IoT devices are vulnerable to hackers. Cyber criminals can use the same techniques they use on phones and computers to access medical devices. In fact, in some ways IoT devices are more vulnerable because their security systems are often based on older hardware.

Hackers can potentially access any device which is connected to the internet. And the consequences of a life-essential medical IoT device like a pacemaker being hacked are extremely serious.

In mid-2019, a security issue with insulin pumps made by Medtronic arose. Thousands of the devices had to be recalled. And in 2017, the Food and Drug Administration announced that implantable cardiac devices from St. Jude Medical had serious security vulnerabilities, which had to be fixed with a software patch.

There has not yet been a reported case of someone being harmed by a hacked medical IoT device. But the possibility that it could happen in the future has both security experts and device users concerned.

General Security Tips for IoT Devices

There are steps you can take to make more medical IoT devices more secure. Firstly, you should follow standard advice for securing any kind of IoT device:

1. Change the Device’s Default Password

Always change the default password. Most IoT devices come with a default password like “password” or “0000” which makes them incredibly easy to access. Users often don’t think to change these passwords because they don’t realize how vulnerable they are. Whenever you get a new device which connects to the internet, find out if it has a password and change it to something only you know.

2. Update the Device’s Software Regularly

You also need to make sure that you update the device’s firmware regularly. Some devices will automatically update themselves, but not all have this function. It can be an annoyance to update software, but it’s essential to patch any security issues and to keep your device safe. Check with the manufacturer to see if there are updates you need to apply.

3. Turn off Automatic Connection to Wi-Fi Networks

Check your settings and don’t let your device automatically connect to available networks. If your device stays in your home and only connects to your home Wi-Fi, it’s probably fine. But what if your Wi-Fi network goes down, or you move the device to a new location? In that case, the device might detect an open network and automatically connect to it.

You need to be very careful when connecting to open networks, as hackers can use public Wi-Fi to steal your identity. They may be able to access data or manipulate your IoT devices as well.

Specific Security Tips for Medical IoT Devices

How to keep your medical IoT devices safe from hackers - insulin pump

There are also specific steps you should take to keep your medical IoT devices safe:

1. Keep Your Device in a Safe Place

It’s a good idea to keep your device on you at all times. You want to make sure no one has the opportunity to interfere with your device in person as well as over the internet. This is best achieved by carrying your device with you or locking it away somewhere safe when it is not in use.

2. Be Careful Where You Plug in Your Device

Don’t ever plug your device into an unknown computer. When you connect your device to a computer, such as through USB, you enable the transfer of data between the two. Hackers could use this connection to interfere with your device and make it less secure. Avoid plugging your device into public computers in locations like libraries. Only connect it to computers you own and monitor yourself.

Also, be careful with charging stations. Sometimes, a charging station will be a simple USB cable and charger, and this can be used safely as it can’t be used to transfer data. But sometimes, a charging station will have a USB cable that goes into a hole or wall so you can’t see what the cable is connected to.

These cables could be connected to a computer, and plugging your device into them will give that computer access to your device which can be dangerous. If you aren’t absolutely sure about a charging station, don’t use it.

3. Keep up to Date on Security Issues

Check the website of your device manufacturer regularly to see if there are updates or security issues that you need to be aware of. And if your device is behaving strangely or you think someone may have accessed it, talk to your doctor as soon as possible.

What to Do If Your Medical IoT Device Has a Security Vulnerability

Look out for letters or emails from your device manufacturer about updates to your device. You should be extra careful if you hear that your device has a vulnerability. In addition to the steps above, follow these steps advised by the FDA:

  • Don’t share the serial number of your device. If you ever take a photo which includes your device, make sure the serial number is not visible. This is particularly important for known vulnerabilities like the Medtronic Insulin Pumps, as hackers can use the serial number to access the device or find information about you.
  • Disconnect devices from your computer when you are not downloading data or updating software. When you leave your device plugged in there is a chance that anyone who can access your computer could access your device as well. Minimize this risk by only plugging your device into your computer while you are in front of the computer yourself and unplugging it when you are done.
  • Don’t let anyone else touch your device. This might sound paranoid, but it’s best to be extra careful with a device which is important for your health. Don’t allow other people to handle your device, and watch out if you have small children who might be curious and press buttons without knowing what they do.

Take Precautions to Keep Medical IoT Devices Secure

These tips will help make sure that your important medical IoT devices are as secure as they can be from hacking attempts.

While you’re here, you can also learn how to secure other IoT devices in your home with our tips for securing smart devices.

Read the full article: Hackers Threaten Medical IoT Devices: Here’s How to Keep Them Safe


Read Full Article

Hero Labs raises £2.5M for its ultrasonic device to monitor a property’s water use and prevent leaks


Hero Labs, a London-based startup that is developing “smart” technology to help prevent water leaks in U.K. properties, has raised £2.5 million in seed funding. The round is led by Earthworm Group, an environmental fund manager, with further support via a £300,000 EU innovation grant and a number of unnamed private investors.

The new capital will be used by Hero Labs to accelerate development of its first product: a smart device dubbed “Sonic” that uses ultrasonic technology to monitor water use within a property, including the early detection of water leaks.

Founded in 2018 by Krystian Zajac after he exited Neos, a smart home insurer that was acquired by Aviva, Hero Labs was born out of the realisation that a lot of smart home technology either wasn’t very smart or didn’t solve mass problems (Zajac had also previously ran a smart home company focusing on ultra high net-worth individuals that delivered bespoke designs for things like motorised swimming pool floors or home cinemas doubling up as panic rooms).

Coupled with this, the Hero Labs founder learned that water wastage was a very costly problem, both financially and environmentally, with water leaks being the number one culprit for property damage in the U.K. ahead of fires, gas explosions or break-ins combined. This sees water leaks cost the U.K. insurance industry £1 billion per year, apparently.

“My vision for the company is to solve real-life problems with truly smart technology,” Zajac tells me. “From working at Neos and alongside some of the world’s largest home insurers I understood the problems that impacted ordinary homeowners and their families on a day-to-day basis. Perhaps most surprisingly, I learnt that water leaks are far and way the biggest cause of damage to homes… I also wanted to do more for the environment in my next venture after learning that water leaks waste 3 billion litres of water a day in the U.K. alone”.

KZ Event

To that end, the Sonic device and service is described as a smart leak defence system. Aimed at anyone who wants to prevent water leaks in their property — including homeowners, landlords, facilities management, property developers and businesses — the ultrasonic device typically attaches to the piping below your sink and “listens” to the vibrations coming off the interconnected pipes.

Sonic then monitors the water flow using machine learning and its algorithms to identify usage and detect anomalies. This requires the technology to understand the difference between appliances, running taps and even flushing toilets so that it can build up a picture of normal water usage in the home and in turn identify if that pattern is broken. Crucially, if needed, Sonic can automatically shut off the water supply to prevent a water leak damaging the property or its possessions.

Will a full launch planned for later this year, Sonic is targeting consumers as well as small businesses initially. “We are [also] in discussions with insurers who might subsidise the product or give it away completely for free to certain more affluent customers to minimise the risk of water escape,” adds Zajac.


Read Full Article