Month: April 2019

The Tesla computer, a new custom chip designed to enable full self-driving capabilities, is now in all new Model 3, X and S vehicles, CEO Elon Musk said during the company’s Autonomy Day.

Tesla switched over from Nvidia’s Drive platform to its own custom chip for the Model S and X about a month ago and for the Model 3 about 10 days ago, Musk said.

“All cars being produced all have the hardware necessary — computer and otherwise — for full self-driving,” Musk said. “All you need to do is improve the software.”

Work is also already underway on a next-generation chip, Musk added. The design of this current chip was completed “maybe one and half, two years ago.” Tesla is now about halfway through the design of the next-generation chip.

Musk wanted to focus the talk on the current chip, but he later added that the next-generation one would be “three times better” than the current system and was about two years away.

The software caveat about full self-driving is an important one. Tesla vehicles are not considered fully autonomous, or Level 4, a designation by SAE that means the car can handle all aspects of driving in certain conditions without human intervention.

Instead, Tesla vehicles are “Level 2,” a more advanced driver assistance system than most other vehicles on the road today. Musk has promised that the advanced driver assistance capabilities on Tesla vehicles will continue to improve until eventually reaching that full automation high-water mark.

Tesla offers two different advanced driver assistance packages to customers: Autopilot and Full Self-Driving. Autopilot is ADAS that offers a combination of adaptive cruise control and lane steering and is now a standard feature on new cars. The price of vehicles has been adjusted higher to reflect the addition of Autopilot as a standard feature.

Full Self-Driving, or FSD, costs an additional $5,000. (And, to be clear, vehicles are not full self-driving driving.) FSD includes Summon as well as Navigate on Autopilot, an active guidance system that navigates a car from a highway on-ramp to off-ramp, including interchanges and making lane changes. Once drivers enter a destination into the navigation system, they can enable “Navigate on Autopilot” for that trip.

Source: Tech Crunch

Today at Tesla’s first Autonomy Day event, Elon Musk took questions from the press but didn’t have time for questions about Lidar. Historically, he’s been vocal about the technology, and this time he put it as clear as he could. 

“LIDAR is a fool’s errand,” Elon Musk said. “Anyone relying on LIDAR is doomed. Doomed! [They are] expensive sensors that are unnecessary. It’s like having a whole bunch of expensive appendices. Like, one appendix is bad, well now you have a whole bunch of them, it’s ridiculous, you’ll see.”

The topic was brought up by a question about if Tesla’s just-revealed self-driving hardware could handle input from LIDAR. Tesla’s vehicle’s currently uses several sources of data to acquire autonomous driving: radar, GPS, maps, ultrasonic sensors and more. But not LIDAR like some of Tesla’s chief competitors. Elon Musk previously explained that he views LIDAR as a crutch for self-driving vehicles. For Tesla, cameras are the keys to the future and its CEO sees a future when cameras will enable Tesla to see through the most adverse weather situations.

Andrej Karparthy, Senior Director of AI, took the stage and explained that the world is built for visual recognition. LIDAR systems, he said, have a hard time deciphering between a plastic bag and a rubber tire. Neural networks and visual recognition are necessary for Level 4 and Level 5 autonomy, he said.

Uber, Waymo, Cruise and several others use the technology in their self-driving technology stack. As proponents of the technology, they point to LIDAR’s ability to see through challenging weather and light conditions better than existing cameras. They’re expensive. And often hungry for power. That’s where Tesla’s solution around cameras comes in.

The company today detailed its current generation self-driving computer that works with all existing Tesla vehicles. Once the software is ready, it will enable all Teslas to drive autonomously with their existing sensor set — at least that’s what the company says — and that sensor set doesn’t include LIDAR. Instead, the sensors inside Tesla vehicles lean on a neural network that’s trained by data collected by all Tesla vehicles.

“Everyone’s training the network all the time,” Musk said. “Whether autopilot is on or off, the network is being trained. Every mile that’s driven for the car that’s hardware 2 or above is training the network.”

The resulting data is kind of scary, Musk mused later in the press conference. But presumably not as scary as relying on LIDAR.

Source: Tech Crunch

As the internet TV services have matured, their pricing has as well. The majority have raised their price points — some have even done so multiple times. Today, Philo is following suit…but only by a little. The streaming TV service has been one of the cheapest on the market, with an entry-level plan that began at only $16 per month for 45 channels. Now, it’s doing away with this super low-cost plan, and will only offer the existing $20 per month plan instead.

The $20 per month plan has offered 58 channels, as an upgrade from the basic plan with cable TV favorites. The upgrade adds on a few more networks, like MTV Live, BET Her, Nicktoons, Logo, Cooking Channel, Destination America, Discovery Family Channel, Discovery Life Channel, and others. These, arguably, aren’t all “must-haves” — and likely, few of its subscribers chose to the higher priced package.

The company declined to say how many customers it has, or the percentage of customers who had subscribed to its $16 and $20 plans.

With the price changes that go live on May 6, 2019, all new Philo customers will only have the option to sign up for the $20 per month page.

Existing subscribers will be grandfathered into the current pricing, however. They’ll also still be able to move back and forth between the two current plans, even after the May 6 deadline (so long as their subscription doesn’t lapse.)

Company CEO Andrew McCollum explained the move as needed to keep up with the times — and to address the rising operating costs Philo faces — in a statement posted to the company website.

“At Philo, we care deeply about creating the best TV experience possible at an affordable price. …Consolidating into a single $20 package was the best way for us to maintain the same offering we have today without raising prices for everyone, or having to cut back in places we strive to excel, like our customer support,” he said.

The 18-month old company is one of the few that hadn’t yet rolled out a price increase.

Hulu raised prices for its Live TV service in January, and YouTube TV just did so again just a couple of weeks ago. Sling TV, DirecTV Now, and PlayStation Vue have all seen price hikes, too. And in the subscription video on demand market, Netflix has been creeping ever higher, as well.

With new video services from Disney, Apple and WarnerMedia set to arrive this year, some consumers will be looking to shift funds around to afford their new subscriptions. Philo could benefit if subscribers drop higher-priced services in order to save money.

Despite the slight price bump, Philo still remains a low-cost option because it strategically opted to not stream sports. That allowed it to pass along the cost savings along to customers who could watch sports in other ways (or who didn’t care to watch sports at all.)

The company today caters to a younger demographic and has been developing a co-viewing, social feature to differentiate itself further. This feature is now in internal testing, the company said this month.

Source: Tech Crunch

Over the last five years, almost everything about web development has changed. Oh, the old tech still works, your WordPress and Ruby On Rails sites still function just fine — but they’re increasingly being supplanted by radical new approaches. The contents of your browser are being sliced, diced, rendered, and processed in wholly new ways nowadays, and the state of art is currently in serious flux. What follows is a brief tour of what I like to call the New New Web:

Table of Contents

1. Single-Page Apps
2. Headless CMSes
3. Static Site Generators
4. The JAMStack
5. Hosting and Serverlessness
6. Summary

---

1. Single-Page Apps

These have become so much the norm — our web projects at HappyFunCorp are almost always single-page apps nowadays — that it’s easy to forget how new and radical they were when they first emerged, in the days of jQuery running in pages dynamically built from templates on the server.

Source: Tech Crunch

Evisort, a document and contract management company, left one of its document databases unsecured, exposing customer data.

The startup, founded by former Harvard and MIT students in 2016, bills itself as an artificial intelligence contract management company, which it says helps to better organize its customers’ legal documents and contracts. Among its claims, the company can evaluate and pull out the most relevant information in a 30-page contract in a matter of seconds. And so far, the investors like the pitch, securing $4.5 million in seed funding led by Village Global and Amity Ventures, with participations from Accenture and SAP.

According to an anonymous tip sent in to TechCrunch, the company left an Elasticsearch database open without a password, allowing anyone to search the files inside. When reached, Evisort’s chief executive Jerry Ting said the database was “for testing and development purposes only” and an audit was under way.

While some of the documents were marked “dummy” and “test” files, many documents seen by TechCrunch contained customer data.

“These are confidential agreements between many established large famous companies that are hosted on the internet for anyone to see,” said the anonymous tipster, who provided links to several files in the database.

The company lists Stack Overflow and TravelZoo as customers. The database also contained non-disclosure agreements between Evisort and Samsung. A similar agreement with Squarespace found in the database was signed by Ting.

Many of the files included employee contracts, loan agreements (one worth $200 million) and resumes. We reached out to several people whose information was found in the database. One person we spoke to said they had no idea how their resume got into Evisort’s database. Other files appeared to be contracts and agreements submitted by Evisort customers.

Many of the documents we saw had confidential information.

Another file contained details of an agreement by Evisort and a third-party security company, dated February 21, to conduct a penetration test on its network — a way of finding and fixing security vulnerabilities before they are exploited.

Evisort shut down the database within an hour of TechCrunch reaching out.

In a follow-up email, Ting conceded that some customer data was exposed. (Ting declared his email “off the record,” which requires both parties agree to the terms in advance, but we are printing the reply as we were given no opportunity to reject.)

“The database is not part of our production environment, but a part of our internal development environment used by our engineers,” he said.

“Although our investigation is ongoing, the vast majority of information contained in the development database was placeholder or benign information used for testing purposes,” he said in the email. “However, it appears that there may be a small number legitimate documents in this environment.”

“As part of our investigation, we will be reviewing the entire data set in the environment, along with any available logging data, to determine what information may have been affected and we will be communicating directly with any of our customers who could be affected,” he added.

Ting added that the company is “in the process of retaining” an outside forensic firm to assess the impact on customers.

Evisort didn’t say how long the data was exposed. Data search engine Binary Edge first detected the system on March 22.

It’s the latest in a string of sizable data exposures in recent months, including text messages, medical records, a watchlist of high-risk individuals, a robocalling firm, millions of mortgage and loan documents and even a spam operation.

Read more:

• A leaky database of SMS text messages exposed password resets and two-factor codes
• A huge trove of medical records and prescriptions found exposed
• We found a massive spam operation — and sunk its server
• Dow Jones’ watchlist of 2.4 million high-risk individuals has leaked
• Robocaller firm Stratics Networks exposed millions of call recordings
• Massive mortgage and loan data leak gets worse as original documents also exposed

Source: Tech Crunch

It’s been a busy week — it’s tough to keep up with all the cybersecurity news. We’ve collected some of the biggest cybersecurity stories from the week — from TechCrunch and afar — to keep you up to date with the latest hacks, privacy breaches and security stories you need to know.

Facebook now says its password leak affected ‘millions’ of Instagram users

TechCrunch: As all eyes were on attorney general William Barr giving his highly anticipated summary of the Mueller report out this week, Facebook was quietly updating a blog post it had published a month earlier, revising up the number of Instagram accounts affected by a years-long bug that stored passwords in plaintext. Facebook admitted that “millions” of accounts were affected and not “hundreds of thousands” as it had first estimated. It wasn’t a coincidence; it was a perfect opportunity for Facebook to bury bad news. CNN’s Donie O’Sullivan called it the “most cynical” thing Facebook has done since dropping its report detailing its role in a genocide in Myanmar the day before the U.S. midterm elections.

Utah bans police from searching digital data without a warrant

Forbes: Some good news for privacy advocates this week: a big Fourth Amendment loophole has been closed in the state of Utah. Previously, state law enforcement only required a subpoena to access someone’s digital content — including emails, pictures, video and audio — from internet and cloud providers. Now, following the introduction of HB 57, the Electronic Information or Data Privacy Act, police need a warrant based on probable cause. No more warrantless fishing expeditions allowed.

A mystery agent is doxing Iran’s hackers and dumping their code

Wired: Buried in the news this week was the startling revelation that someone — whose identity isn’t known — has begun spilling the secrets of an Iranian hacker group, known as OilRig or APT34, on a Telegram channel, according to Chronicle, Alphabet’s cybersecurity company. It would be a devastating breach of their operational security if true, only a couple of years after the Shadow Brokers stole and published highly classified hacking tools developed by the National Security Agency.

The Weather Channel knocked off the air for over an hour

Wall Street Journal: For over an hour on Thursday, The Weather Channel was brought offline by a ransomware attack. In a tweet, the channel said it restored its live programming after running through its backup systems. The FBI said it was investigating. It’s the latest ransomware incident hit a major company — from aluminum maker Norsk Hydro to drinks giant Arizona Beverages.

Mueller report: Hacked elections, encrypted messaging, troll farms and more

TechCrunch: After two years, the Special Counsel’s probe into Russian interference with the 2016 U.S. presidential election is over. TechCrunch covered the tech angles you need to know: from how Russian-backed hackers broke into the Hillary Clinton campaign, how the use encrypted messaging apps hindered the investigation, how successful Russia was in breaking into election systems, and what role its troll factory and disinformation had on the election.

FTC said to want to face-off with Mark Zuckerberg over privacy violations

Washington Post: Now more than ever, Facebook is under the watchful eye of the Federal Trade Commission. A report this week said the social media giant’s founder Mark Zuckerberg could also be in the agency’s crosshairs. It’s part of an ongoing effort to hold the company accountable since the Cambridge Analytica scandal, following which has been security incident after incident, amid claims of mismanaged consumer data and gross ethical violations.

Cybersecurity firm Verint hit by ransomware

ZDNet: Verint, a cybersecurity company, was also hit by ransomware this week. Described as an “extreme case of irony,” the company was forced to bring in a third-party security firm to handle the infection. It comes in the same week that Wipro, one of India’s largest outsourcing companies, was hit by hackers. The company initially denied the breach, but was challenged by the security reporter Brian Krebs — who broke the news — live on the company’s earnings conference days following the breach. Of course the call was recorded, forcing Wipro’s chief operating officer Bhanu Ballapuram to come clean.

Security flaw in French government messaging app exposed confidential conversations

TechCrunch: And finally, a security flaw was found in the French government’s own encrypted messaging app Tchap immediately after it launched. Security researcher Baptiste Robert created a user account — even though the service is restricted to government officials. The app, which uses the open-source Signal Protocol, inadvertently allowed access to non-government email addresses, exposing the app’s public channels.

Source: Tech Crunch

I’m starting to get that thing where my iPhone XS screen feels super tiny when I switch back from the Fold to send a text message from my number. Someone recently asked me if I’m going to have trouble giving the device back to Samsung in a few days, and while the answer is a decided “not really,” the march toward even larger screens does feel inevitable — and I do believe folding phones will be an important part of that push.

Of course, I also believe that we’re as close as a generation or two out from this first shot on that foldable feeling pretty big and bulky (some folks who’ve seen the phone have already said as much about it). I’m back at the airport today, and both airline representatives and TSA agents (who see a LOT of phones as people are checking in) seem pretty impressed with it.

I had the phone standing up at a 45 degree angle on the bathroom sink this morning to watch the news as I brushed my teeth. That’s pretty neat. And If I’d had the forethought, I have loaded a couple of movies on it for the flight. It definitely beats the seatback screens on Delta.

In addition to the fingerprints on the outside, the inside gets like crazy dusty after any kind of use. And a lot of that collects in the little reservoir between the screen protector and the outside lip.

The top shot is from yesterday’s A’s game (the dark line along the seam is a shadow). You can use the front facing screen as a view finder while taking photos, but it’s pretty small. The inside, meanwhile, makes you feel like one of those people who use their iPads to take photos in public. Once you get over that, it’s a pretty nice way to view shots, though.

And no, it’s not broken yet. We’re still waiting for official word from Samsung about what happened there. The Fold is on track for an April 26 release here in the States, in spite of everything, and even as a China release appears be delayed.

Review soon.

 

Source: Tech Crunch

The government of Sri Lanka has temporarily blocked access to several social media services following deadly explosions that ripped through the country, killing at least 207 people and injuring hundreds more.

Eight bombings were reported, including during Easter services at three churches, on the holiest weekend of the Christian calendar.

In a brief statement, the Sri Lankan president’s secretary Udaya Seneviratne said the government has “decided to temporarily block social media sites including Facebook and Instagram,” in an effort to curb “false news reports.” The government said the services will be restored once the investigations into the attacks had concluded.

Sri Lanka’s prime minister Ranil Wickremesinghe has described the explosions as a terrorist incident.

Nalaka Gunawardene, a science writer and Sri Lankan native, confirmed in a tweet that Facebook-owned WhatsApp was also blocked in the country. Others reported that YouTube was inaccessible. But some said they were able to still use WhatsApp .

Facebook spokesperson Ruchika Budhraja told TechCrunch: ““Our hearts go out to the victims, their families and the community affected by this horrendous act. Teams from across Facebook have been working to support first responders and law enforcement as well as to identify and remove content which violates our standards. We are aware of the government’s statement regarding the temporary blocking of social media platforms. People rely on our services to communicate with their loved ones and we are committed to maintaining our services and helping the community and the country during this tragic time.”

A spokesperson for Google did not immediately comment.

It’s a rare but not unprecedented step for a government to block access to widely used sites and services. Although Sri Lanka’s move is ostensibly aimed at preventing the spread of false news, it’s likely to have an inhibiting effect on freedom of speech and efforts to communicate with loved ones.

Sri Lanka, like other emerging nations, has previously battled with misinformation. The government has complained that false news shared on Facebook has helped spread hatred and violence against the country’s Muslim minority. Other countries like India say encrypted messaging app WhatsApp has contributed to the spread of misinformation, prompting the social media company to add limits to how many groups a message can be sent to.

Iran and Turkey have also blocked access to social media sites in recent years amid protests and political unrest.

Updated with comment from Facebook.

Source: Tech Crunch

Stop me if you’ve heard this one before. Samsung tries to deliver a big innovation and fails miserably.

A big story this week on TechCrunch was that in the buildup to the release of the Samsung Galaxy Fold, potentially one of the weirdest, most innovative, most expensive phones shipped in the past decade, there are some signs that this could be a momentous failure. Samsung only sent out about a dozen review units to press outlets, and three of them seemed to fail for three distinct reasons.

Does this inspire much faith in the durability of the $1,980 hardware (which has already sold out in pre-orders)? Not quite.

“A limited number of early Galaxy Fold samples were provided to media for review. We have received a few reports regarding the main display on the samples provided. We will thoroughly inspect these units in person to determine the cause of the matter,” a Samsung spokesperson publicly detailed, responding to the issues.

This nascent scandal may lead you to recall the Note 7 debacle, which earned Samsung what was perhaps the worst free advertising ever, with the FAA mandating just about every domestic flight begin with the pilot ensuring that the plane was Note 7-free. A phone spontaneously dying is a cake walk compared to a phablet bomb, but we’ll see whether this was just a big pre-release fluke and the consumer units prove more durable. That said, a failure rate of around 25 percent for models sent to journalists after a few days doesn’t inspire the greatest confidence.

Brian seemed to have some pretty nice things to say about his early time with the device —

Unfolding the Samsung Galaxy Fold:
Hands-on with the $2,000 foldable

I will say I did get a chance to fumble around with the Fold this week while our hardware editor Brian Heater was in town, and I personally found the device pretty inspiring. The screen on his still-functioning device is really quite beautiful and it all just feels like an innovative approach, even if it’s very first-gen at its heart.

Its good qualities all rely on the device continuing to function though, so I won’t get too complimentary until we get some further clarity on that.

Trends of the week

Here are a few big news items from big companies, with links to all the sweet, sweet added context.

• Apple + Intel Qualcomm = best friends
  The two companies finally put aside their royalties and patent troll skirmishes, and various media reports suggest Apple’s mobile mea culpa was all about accepting Qualcomm’s command on 5G modems — something the iPhone giant really couldn’t afford to overlook. It was great news for Qualcomm, which had a major stock rally this week, but probably bad news for Intel, which seemed to be embracing a renewed and improved relationship with Apple as it tried to replace Qualcomm’s tech. Oh well.
• TikTok’s shock block 
  Chinese company ByteDance’s cross-border hit TikTok hit a major stumbling block in India after a judge there ruled that app downloads had to be halted on iOS and Android following a number of issues regarding porn and other “illegal content.” There are 120 million existing TikTok users in India, but they shouldn’t be affected, as the service itself has not been banned — you just won’t find them in the app stores there.
• Move slow, still break things
  Twitter’s CEO Jack Dorsey continued his ill-advised public speaking tour with a chat at TED, where he first said he isn’t sure he’d build Twitter the same way if he got a second shot. “If I had to start the service again, I would not emphasize the follower count as much … I don’t think I would create ‘likes’ in the first place.” In response to a question about his lack of urgency in fixing some of Twitter’s more egregious problems, Dorsey said, “We are working as quickly as we can, but quickness will not get the job done… It’s focus, it’s prioritization, it’s understanding the fundamentals of the network.”
• Sony teases an 8K PS5… Xbox loses a slot  
  While Google is betting on a world without dedicated high-end gaming hardware with its Stadia game-streaming platform, Xbox is betting on a future without physical media. Microsoft released the Xbox One S “All-Digital Edition” this week for $249. The company has been piping out mid-generation upgrades for Xbox One, and this is its most minor hardware update — there are almost no differences beyond the disc drive. Meanwhile, PlayStation kind of stole Xbox’s press lunch by giving some details on the PS5. Also on the gaming front, a report suggests Apple is spending more than $500 million on its Arcade gaming subscription service.

Shoot me tips or feedback
on Twitter @lucasmtny or email
lucas@techcrunch.com

GAFA Gaffes

How did the top tech companies screw-up this week? This clearly needs its own section, in order of awfulness:

1. Facebook elaborates more on that “screwing over users’ privacy” thing it does from time to time:
   [Facebook now says its password leak affected ‘millions’ of Instagram users]
2. YouTube managed to add its own conspiracy to videos of the Notre-Dame fire:
   [YouTube’s algorithm added 9/11 facts to a live stream of the Notre-Dame Cathedral fire]

Extra Crunch

Our premium subscription service has been off to a great start. I just kicked off my new series this week, “The Exit,” where I interview a lead investor in a recent exit. I talked to Bessemer’s Adam Fisher, who led Bessemer’s investments in Dynamic Yield, which McDonald’s bought last month for $300 million.

The Exit: an AI startup’s McPivot

“The pivot from courting the grey lady to the golden arches isn’t as drastic as it sounds. In a lot of ways, it’s the result of the company learning to say ‘no’ to certain customers…”

Here are some of our other top reads this week for premium subscribers —

• Data tells us that investors love a good story and other secrets to a winning pitch deck, from DocSend
• The different playbooks of D2C brands
• Google Cloud, McDonald’s big tech acquisition and motivating an engineering team

Want more TechCrunch newsletters? Sign up here.

Source: Tech Crunch

Names, soccer players, musicians and fictional characters make up some of the worst passwords of the year, according to the U.K. government’s National Cyber Security Center.

But nothing beats “123456” as the worst password of all.

It’s no shock to any seasoned security pro. For years, the six-digit password has been donned the worst password of all, given its wide usage. Trailing behind the worst password is — surprise, surprise — “123456789”.

The NCSC said more than 30 million victims use those two passwords alone, according to its latest breach analysis based off data pulled from Pwned Passwords, a website run by security researcher Troy Hunt, who also runs breach notification Have I Been Pwned.

“We understand that cyber security can feel daunting to a lot of people, but the NCSC has published lots of easily applicable advice to make you much less vulnerable,” said Dr. Ian Levy, NCSC’s technical director. “Password re-use is a major risk that can be avoided — nobody should protect sensitive data with something that can be guessed, like their first name, local football team or favorite band.”

Weak passwords are a problem. Not only can they be easily guessed by bots trying to break into your account, they can be easily cracked if they’re ever stolen from the company in a data breach. Weak passwords are often the default credentials on Internet of Things devices, making it easy for botnets to quietly break into your smart devices and hijack them for nefarious purposes.

What can you do about it?

TechCrunch has several free security guides you can read to put you on the right path. Setting yourself up with a password manager is the first big step. Password managers generate and securely store your passwords so you don’t have to remember each one. Then, you should set up two-factor authentication, as adding an additional barrier on top of your password makes it even tougher for the most determined malicious hacker to break into your accounts.

It doesn’t take long to get secure. Take an hour out of your day and get started.

Source: Tech Crunch