Month: January 2020

Presidential candidate Pete Buttigieg has lost his campaign’s chief information security officer, citing “differences” with the campaign over its security practices.

Mick Baccio, who served under the former South Bend mayor’s campaign for the White House, left his position earlier this month.

The Wall Street Journal first reported the news. TechCrunch also confirmed Baccio’s resignation, who left less than a year after joining the Buttigieg campaign.

“I had fundamental philosophical differences with campaign management regarding the architecture and scope of the information security program,” Baccio told TechCrunch.

“We thank him for the work he did to protect our campaign against attacks,” said Buttigieg spokesperson Chris Meagher. The spokesperson said that the campaign had retained a new security firm, but would not say which company.

Baccio was the only known staffer to oversee cybersecurity out of all the presidential campaigns. News of his departure comes at a time just months to go before millions of Americans are set to vote in the 2020 presidential campaign.

But concerns have been raised about the overall security posture of the candidates’ campaigns, as well as voting and election infrastructure across the United States, ahead of the vote.

A report from a government watchdog last March said Homeland Security “does not have dedicated staff” focused on election infrastructure. Since then, security researchers found many of the largest voting districts are vulnerable to simple cyberattacks, such as sending malicious emails designed to look like a legitimate message, a type of tactic used by Russian operatives during the 2016 presidential election.

In October, Iran-backed hackers unsuccessfully targeted President Trump’s re-election campaign.

Source: Tech Crunch

For the first time, this year Delta Air Lines had a large presence at CES. The carrier used much of its space to highlight the “parallel reality” screens developed by Misapplied Sciences and Sarcos Robotics, which brought its latest Guardian exoskeleton. At the show, I sat down with COO Gil West, an industry veteran with years of experience at a number of airlines and airplane manufacturers, to talk about how the company works with these startups.

Like all large companies, Delta has gone through a bit of a digital transformation in recent years by rebuilding a lot of the technical infrastructure that powers its internal and external services (though like all airlines, it also still has plenty of legacy tech that is hard to replace). This work enabled the company to move faster, rethink a lot of its processes and heightened the reality that a lot of this innovation has to come from outside the company.

“If you think about where we are as a world right now, it’s a Renaissance period for transportation,” West said. “Now, fortunately, we’re right in the middle of it, but if you think about the different modes of transportation and autonomous and electrification — and the technologies like AI and ML — everything is converging. There’s truly, I think, a transportation revolution — and we’ll play in it.

Source: Tech Crunch

What would we do if we could visit our own pasts or futures? Are we more likely to change our timelines, or will our timelines actually project themselves back on to us more forcefully?

This is the first discussion post of this beta-testing, informal TechCrunch book club, which is starting with the first short story in Ted Chiang’s science fiction collection “Exhalation.” Join us as we walk through each story in succession in the coming weeks and explore a wider expanse of technology and its effect on society.

The first story in the collection is “The Merchant and the Alchemist’s Gate,” a compact, interwoven series of tales that discusses a time-shifting “gate” that allows people to move forward and backward in time at a specific interval. Chiang takes the familiar device of the time-travel machine and repurposes it for a deeper introspection of how humans consider their own lives and the lives they affect.

For this first week, I want to start with some reading questions (posted below) to think about before presenting deeper thoughts from me and readers. As I mentioned before, you can email me your thoughts at danny+bookclub@techcrunch.com and include them below in the comments, as well. Several communities online on Reddit and Twitter have already begun conversations, as well.

My friend and occasional Extra Crunch contributor Eliot Peper wrote in to describe what he considered the most foundational passage of the piece, and his thoughts:

“Past and future are the same, and we cannot change either, only know them more fully. My journey to the past had changed nothing, but what I had learned had changed everything, and I understood that it could not have been otherwise. If our lives are tales that Allah tells, then we are the audience as well as the players, and it is by living these tales that we receive their lessons.”

This passage resonated with me deeply because it hints at one of the reasons I love reading science fiction like Chiang’s: Not to catch a glimpse into the future, but to inspect the present more closely, and from fresh angles—learning lessons along the way.

We will return next week on Tuesday with more fully formed thoughts on this short story, as well as a similar reading guide for the second short story, the eponymous “Exhalation.”

Some questions to ponder about “The Merchant and the Alchemist’s Gate”:

• What is Chiang trying to convey about the meaning of destiny? Are we really “the audience as well as the players”?
• Do we have agency in our own lives? Can we really affect the future with our own actions?
• How should we observe what happens around us? Is consideration of what is happening enough to bring understanding and contentment, or do we have to have a stake in every outcome for us to feel satisfied?
• Why did Chiang choose this particular time and setting (historical Baghdad) for this short story?
• Similarly, why did he choose to include three tales in such a short story? What did this structural device provide us as readers?
• What does the introduction of the gate imply about how new technology is accepted? Is it believable that such a wondrous device would be accepted so readily?
• Is the gate neutral? Could it be used for good or evil, or does it depend on the user themselves?

Source: Tech Crunch

Tesla apparently isn’t afraid to embrace some of its more embarrassing moments when doing so will likely lead to moving lots of merch — the automaker is now selling a t-shirt emblazoned with a graphic of the shatter incurred in the Cybertruck’s driver-side window when the controversial pickup truck was officially unveiled at the end of last year.

During that event in November, Tesla CEO Elon Musk invited Tesla lead designer Franz von Holzhausen onstage to stress test the Cybertruck’s durability. Von Holzhausen proceeded to smash the truck’s side panels with a sledgehammer, leaving no visible marks — but when he moved on to throwing a steel ball bearing at the supposedly blast-proof windows, they seemed to easily shatter.

The driver-side window first smashed, spidering the glass (but, as noted by Musk at the time, not allowing the ball to actually pass all the way through). At von Holzhausen’s urging, the rear driver-side window quickly followed suit on a second throw from the designer, once the attempt was OK’d by a seemingly stunned Musk.

This new t-shirt, which is available from the Tesla official merch shop, retails for $45 and features what looks like the actual photographic recreation of the shatter pattern from the front window, the first to be shattered in the onstage gaffe. The back of the shirt features the official Cybertruck logo, which is a primal, pared-down triangle that looks like a silhouette of the top of the Cybertruck from the wheel wells up.

When I checked, I couldn’t actually purchase the t-shirt, but it’s likely to be a hot seller (if it didn’t just sell out in the first two minutes of availability already). The incident was instantly meme-orialized, and though Tesla later said that it was actually a result of a structural weakening of the window glass due to von Holzhausen’s earlier sledgehammer blasts at the door below, it clearly wasn’t a planned or desired part of the presentation for Musk or Tesla.

Just like Musk’s onstage claims regarding the window glass strength, take his Twitter assertion that the “T-shirt is bulletproof & makes u buff!” with a healthy dose of skepticism.

Source: Tech Crunch

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. Visa is acquiring Plaid for $5.3 billion, 2x its final private valuation

You can compare what Plaid does to Stripe — but instead of facilitating payments, Plaid helps developers share banking and other financial information more easily.

Plaid raised $250 million at the end of 2018, with both Mastercard and Visa quietly participating in the round. So Visa must be pretty happy with how the startup has developed since then.

2. Google wants to phase out support for third-party cookies in Chrome within two years

The fact that Google will drop support for these cookies — which are typically used to track users across the web — doesn’t necessarily come as a surprise, given the company’s announcements around privacy in Chrome. But this aggressive timeline is new.

3. Disney+ was the most downloaded app in the US in Q4 2019

Following the app’s mid-November launch in the U.S., Disney+ was downloaded more than 30 million times in Q4 2019 — according to a new report from SensorTower, that’s more than double the downloads for the runner-up, TikTok.

4. Spotify and Warner Chappell end dispute in India, sign global licensing deal

The announcement marks the end of the companies’ litigation before the Bombay High Court, where Warner Music was seeking an injunction to prevent Spotify from using its music in India. Spotify ended up launching in India anyway, but without a number of Warner Music titles.

5. The robot homecoming is upon us

Home robots have already had a few false starts, including some high-profile flare-outs like Anki and previous CES darling Kuri. But Darrell Etherington argues that between slow-burn categories and the sheer volume of newer products, it now seems certain we’re on a path that will lead to robots becoming common household items. (Extra Crunch membership required.)

6. Atrium lays off lawyers, explains pivot to legal tech

Moving forward, the Justin Kan-founded startup will focus on its software for startups navigating fundraising, hiring and collaborating with lawyers. Atrium also plans to ramp up its startup advising services, and it’s doubling down on its year-old network of professional service providers that help clients navigate day-to-day legal work.

7. Disrupting Space: A new event from TechCrunch

The show will be held at Gateway Sheraton Hotel in Los Angeles on June 25, right in the neighborhood of America’s most powerful players in space, including Boeing, Northrop, Lockheed, Raytheon, Teledyne, The Aerospace Corporation, the U.S. Air Force and, of course, SpaceX.

Source: Tech Crunch

Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10.

The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI. The component has a range of functions, one of which allows developers to digitally sign their software, proving that the software has not been tampered with. But the bug may allow attackers to spoof legitimate software, potentially making it easier to run malicious software — like ransomware — on a vulnerable computer.

“The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider,” Microsoft said.

CERT-CC, the the vulnerability disclosure center at Carnegie Mellon University, said in its advisory that the bug can also be used to intercept and modify HTTPS (or TLS) communications.

Microsoft said it found no evidence to show that the bug has been actively exploited by attackers, and classified the bug as “important.”

Independent security journalist Brian Krebs first reported details of the bug.

The National Security Agency confirmed in a call with reporters that it found the vulnerability and turned over the details to Microsoft, allowing the company to build and ready a fix.

Only two years ago the spy agency was criticized for finding and using a Windows vulnerability to conduct surveillance instead of alerting Microsoft to the flaw. The agency used the vulnerability to create an exploit, known as EternalBlue, as a way to secretly backdoor vulnerable computers. But the exploit was later leaked and was used to infect thousands of computers with the WannaCry ransomware, causing millions of dollars’ worth of damage.

Anne Neuberger, NSA’s director of cybersecurity, told TechCrunch that once the vulnerability was discovered, it went through the vulnerabilities equities process, a decision-making process used by the government to determine if it should retain control of the flaw for use in offensive security operations or if it should be disclosed to the vendor. It’s not known if the NSA used the bug for offensive operations before it was reported to Microsoft.

Neuberger confirmed Microsoft’s findings that NSA had not seen attackers actively exploiting the bug.

Jake Williams, a former NSA hacker and founder of Rendition Infosec, told TechCrunch that it was “encouraging” that the flaw was turned over “rather than weaponized.”

“This one is a bug that would likely be easier for governments to use than the common hacker,” he said. “This would have been an ideal exploit to couple with man in the middle network access.”

Microsoft is said to have released patches for Windows 10 and Windows Server 2016, which is also affected, to the U.S. government, military and other high-profile companies ahead of Tuesday’s release to the wider public, amid fears that the bug would be abused and vulnerable computers could come under active attack.

The software giant kept a tight circle around the details of the vulnerabilities, with few at the company fully aware of their existence, sources told TechCrunch. Only a few outside the company and the NSA — such as the government’s cybersecurity advisory unit Cybersecurity and Infrastructure Security Agency — were briefed.

CISA also issued a directive, compelling federal agencies to patch the vulnerabilities.

Williams said this now-patched flaw is like “a skeleton key for bypassing any number of endpoint security controls,” he told TechCrunch.

Skilled attackers have long tried to pass off their malware as legitimate software, in some cases by obtaining and stealing certificates. Last year, attackers stole a certificate belonging to computer maker Asus to sign a backdoored version of its software update tool. By pushing the tool to the company’s own servers, “hundreds of thousands” of Asus customers were compromised as a result.

When certificates are lost or stolen, they can be used to impersonate the app maker, allowing them to sign malicious software and make it look like it came from the original developer.

Dmitri Alperovitch, co-founder and chief technology officer at security firm CrowdStrike, said in a tweet that the NSA-discovered bug was a “critical issue.”

“Everyone should patch. Do not wait,” he said.

Source: Tech Crunch

Last Halloween, we broke down some “good news” from a Canalys report: the smartphone industry saw one-percent year-over-year growth — not exactly the sort of thing that sparks strong consumer confidence.

In short, 2019 sucked for smartphones, as did the year before. After what was nearly an ascendant decade, sales petered off globally with few exceptions. Honestly, there’s no need to cherrypick this stuff; the numbers this year have been lackluster at best for a majority of companies in a majority of markets.

For just the most recent example, let’s turn to a report from Gartner that dropped late last month. The numbers focus specifically on the third quarter, but they’re pretty indicative of what we’ve been seeing from the industry of late, with a 0.4 percent drop in sales. It’s a fairly consistent story, quarter after quarter for a couple of years now.

Source: Tech Crunch

“Keep your head high and give them hell.”

My grandma, Opal Thompson, once wrote that to me in a letter, like the dyed-in-the-wool, strong Texan woman she was. It is now tattooed on my forearm for all to see. Memories of her powerful presence and great advice have been a North Star on my path to entrepreneurship, as well as the kick in the pants I have needed along the way to confidently go toe-to-toe with nonbelievers in my industry. “Honey, you need to work harder and smarter than men and get ‘er done,” she once told me. It may sound folksy, but it’s gotten me to where I am today.

Last October, my fearless cofounder Carolyn Rodz and I “gave them hell” with an announcement of which I couldn’t be prouder: our small business growth platform Alice just closed a Series A round of funding. That’s a major accomplishment that I think is newsworthy in its own right. But, the headline is even better. We required a morality clause in the funding agreement, legally demanding repercussions in the event of racial, gender, or sexual orientation discrimination.

As we were pitching Alice for funding, Carolyn and I went back to the fundamentals of why we started Alice for small business owners in the first place. Our platform exists to break down barriers to growth for our community of more than 100,000 business owners — especially entrepreneurs who are women, veterans, people of color, or members of the LGBTQ+ community.

Whether that means access to tips and best practices or funding opportunities of which they otherwise wouldn’t be aware, our job is to help small business owners “get ‘er done” — whatever that means to them. For us, there is an immense responsibility in being a comprehensive resource that small business owners trust to help them grow their ventures. We’re always encouraging our owners to try new approaches and go big in every aspect of their development, and that includes pushing owners to challenge institutions that stand in the way of their successes.

One institution that has long stood in our way is the silent perpetuation of discriminatory and predatory behavior by influential investors. While we’ve seen a rise of so-called “Weinstein” clauses drafted in the wake of the watershed #MeToo movement two years ago, most of those cases refer to protections for investors against investee executives who have outstanding allegations.

This is an important step in the right direction of instilling accountability at all levels of business. But we were left asking ourselves, “what happens when an investor is the one #MeToo’d?”

We at Alice were troubled by the lack of legal consequences for key decision makers, from board members to venture capitalists, given the reputational harm their actions could inflict on the businesses they touch. So to protect the reputation we have worked so hard to build for Alice and to protect the business owners who seek us for help every day from across the globe, Carolyn and I decided to lead by example and take a stand with our own investors. We took the “Weinstein” clause and flipped it, giving our board members the agency to use corporate governance mechanisms to vote for removal of any board member in the event of a #MeToo event, racial discrimination, or sexual orientation discrimination incident. Simply put, Alice and its investors are not afraid to show you the door if your behavior doesn’t serve the best interests of our community of entrepreneurs.

Including this provision was crucial to our vision for the company as we continue to grow. It echoes our core values of inclusivity within our online business community. And, as our users seek venture capital, we want them to know that they have the right to stipulate what should be common sense legal protections while still securing the funding they need. We have provided the clause openly here so everyone can take advantage — and not have to pay the legal bills we did.

Making sure that this information is available to anyone who wants it is part of our commitment to ensuring that everyone in business gets a fair shake. To have other founders include morality clauses like ours in their funding agreements is as important to me as the fact that we did it ourselves. We must make this a trend.

Our morality clause is also important to us as we strive to improve the broader business community and the way we all seek funding. Small businesses represent nearly 95 percent of all U.S. employers and support the careers of more than 50 percent of Americans.

But, while the small business landscape is changing into a New Majority, with more women, people of color, and LGBTQ+ folks starting businesses every day, the demographic of venture capitalists is much slower to change. To date, 89 percent of venture capital deciders are still men, and of all the investments they make, only 2 percent of them are in female-owned businesses. Less than half of a percent of women who receive venture capital are Latina, and the representation is even worse for other minority communities of entrepreneurs.

By now, Carolyn (who is Latina herself) and I have learned that we have to make our presence known in a business world that has often excluded us. And as more #MeToo behaviors come to light across industries, we’ll be able to protect our businesses and entrepreneurs making lasting impacts on our communities.

As we look to the next chapter of Alice and its expansion into new markets in 2020, we will continue to share our unique funding story with hopes that other small businesses will be inspired and empowered to do the same.

Venture capitalists be warned: the New Majority of entrepreneurs is here to stay, and our morality clause is just the beginning of a new path to small business success.

I think Grandma Opal would be proud.

Source: Tech Crunch