Month: July 2018

Google today announced it is launching its own hardware security keys for two-factor authentication. These so-called Titan Security Keys will go up against similar keys from companies like Yubico, which Google has long championed as the de facto standard for hardware-based two-factor authentication for Gmail and other services.

The FIDO-compatible Titan keys will come in two versions. One with Bluetooth support for mobile devices and one that plugs directly into your computer’s USB port. In terms of looks and functionality, those keys look quite a lot like the existing keys from Yubico, though our understanding is that these are Google’s own designs.

Unsurprisingly, the folks over at Yubico got wind of today’s announcement ahead of time and have already posted a reaction to today’s news (and the company is exhibiting at Google Cloud Next, too, which may be a bit awkward after today’s announcement).

“Yubico strongly believes there are security and privacy benefits for our customers, by manufacturing and programming our products in USA and Sweden,” Yubico founder and CEO Stina Ehrensvard writes, and goes on to throw a bit of shade on Google’s decision to support Bluetooth. “Google’s offering includes a Bluetooth (BLE) capable key. While Yubico previously initiated development of a BLE security key, and contributed to the BLE U2F standards work, we decided not to launch the product as it does not meet our standards for security, usability and durability. BLE does not provide the security assurance levels of NFC and USB, and requires batteries and pairing that offer a poor user experience.”

It’s unclear who is manufacturing the Titan keys for Google (the company spokesperson didn’t know when asked during the press conference), but the company says that it developed its own firmware for the keys. And while Google is obviously using the same Titan brand it uses for the custom chips that protect the servers that make up its cloud, it’s also unclear if there is any relation between those.

No word on pricing yet, but the keys are now available to Google Cloud customers and will be available for purchase for anyone in the Google Store, soon.

One of Google’s first hardware products was its search appliance, a custom-built server that allowed businesses to bring Google’s search tools to the data behind their firewalls. That appliance is no more, but Google today announced the spiritual successor to it with an update to Cloud Search. Until today, Cloud Search only indexed G Suite data. Now, it can pull in data from a wide variety of third-party services that can run on-premise or in the cloud, too, making the tool far more useful for large businesses that want to make all of their data searchable by their employees.

“We are essentially taking all of Google expertise in search and are applying it to your enterprise content,” Google said.

One of the launch customers for this new service is Whirlpool, which built its own search portal and indexed over 12 million documents from more than a dozen services using this new service.

“This is about giving employees access to all the information from across the enterprise, even if it’s traditionally siloed data whether that’s in a database or a legacy productivity tool and make all of that available in a single index,” Google explained.

To enable this functionality, Google is making a number of software adapters available that will bridge the gap between these third-party services and Cloud Search. Over time, Google wants to add support for more services and bring this cloud-based technology on par with what its search appliance was once capable of.

Riding on a wave of an explosion in the use of machine learning to power, well, just about everything is the emergence of GPUs as one of the go-to methods to handle all the processing for those operations.

But getting access to those GPUs — whether using the cards themselves or possibly through something like AWS — might still be too difficult or too expensive for some companies or research teams. So Davit Buniatyan and his co-founders decided to start Snark AI, which helps companies rent GPUs that aren’t in use across a distributed network of companies that just have them sitting there, rather than through a service like Amazon. While the larger cloud providers offer similar access to GPUs, Buniatyan’s hope is that it’ll be attractive enough to companies and developers to tap a different network if they can lower that barrier to entry. The company is launching out of Y Combinator’s Summer 2018 class.

“We bet on that there will always be a gap between mining and AWS or Google Cloud prices,” Buniatyan said. “If the mining will be [more profitable than the cost of running a GPU], anyone can get into AWS and do mining and be profitable. We’re building a distributed cloud computing platform for clients that can easily access the resources there but are not used.”

The startup works with companies with a lot of spare GPUs that aren’t in use, such as gaming cloud companies or crypto mining companies. Teams that need GPUs for training their machine learning models get access to the raw hardware, while teams that just need those GPUs to handle inference get access to them through a set of APIs. There’s a distinction between the two because they are two sides to machine learning — the former building the model that the latter uses to execute some task, like image or speech recognition. When the GPUs are idle, they run mining to pay the hardware providers, and Snark AI also offers the capability to both mine and run deep learning inference on a piece of hardware simultaneously, Buniatyan said.

Snark AI matches the proper amount of GPU power to whatever a team needs, and then deploys it across a network of distributed idle cards that companies have in various data centers. It’s one way to potentially reduce the cost of that GPU over time, which may be a substantial investment initially but get a return over time while it isn’t in use. If that’s the case, it may also encourage more companies to sign up with a network like this — Snark AI or otherwise — and deploy similar cards.

There’s also an emerging trend of specialized chips that focus on machine learning or inference, which look to reduce the cost, power consumption, or space requirements of machine learning tasks. That ecosystem of startups, like Cerebras Systems, Mythic, Graphcore, or any of the other well-funded startups, all potentially have a shot at unseating GPUs for machine learning tasks. There’s also the emergence of ASICs, customized chips that are better suited to tasks like crypto mining, which could fracture an ecosystem like this — especially if the larger cloud providers decide to build or deploy something similar (such as Google’s TPU). But this also means that there’s room to potentially create some new interface layer that can snap up all the leftovers for tasks that companies might need, but don’t necessarily need bleeding-edge technology like that from those startups.

There’s always going to be the same argument that was made for Dropbox prior to its significant focus on enterprises and collaboration: the price falls dramatically as it becomes more commoditized. That might be especially true for companies like Amazon and Google, which have already run that playbook before, and could leverage their dominance in cloud computing to put a significant amount of pressure on a third-party network like Snark AI. Google also has the ability to build proprietary hardware like the TPU for specialized operations. But Buniatyan said that the company’s focus on being able to juggle inference and mining, in addition to keeping that cost low for idle GPUs of companies that are just looking to deploy, should keep it viable even amid a changing ecosystem that’s focusing on machine learning.

While we might like to think all of our applications are equal in our eyes, in reality some are more important than others and require an additional level of security. To meet those requirements, Google introduced shielded virtual machines at Google Next today.

As Google describes it, “Shielded VMs leverage advanced platform security capabilities to help ensure your VMs have not been tampered with. With Shielded VMs, you can monitor and react to any changes in the VM baseline as well as its current runtime state.”

These specialized VMs run on GCP and come with a set of partner security controls to defend against things like rootkits and bootkits, according to Google. There are a whole bunch of things that happen even before an application launches inside a VM, and each step in that process is vulnerable to attack.

That’s because as the machine starts up, before you even get to your security application, it launches the firmware, the boot sequence, the kernel, then the operating system — and then and only then, does your security application launch.

That time between startup and the security application launching could leave you vulnerable to certain exploits that take advantage of those openings. The shielded VMs strip out as much of that process as possible to reduce the risk.

“What we’re doing here is we are stripping out any of the binary that doesn’t absolutely have to be there. We’re ensuring that every binary that is there is signed, that it’s signed by the right party, and that they load in the proper sequence,” a Google spokesperson explained. All of these steps should reduce overall risk.

Shielded VMs are available in Beta now

Lyft has hired Karim Bousta, Tesla’s now-former VP of Worldwide Service and Customer Experience, to serve as the transportation company’s VP of driver experience operations. At Lyft, Bousta will be responsible for leading rental program Express Drive, and launching and scaling the next generation of Lyft Hubs, which are Lyft’s driver support centers. He will also be tasked with beefing up driver rewards and incentives.

“I am all about the drivers. I want driving with Lyft to be the best and most rewarding experience,” Bousta said in a statement. “We know that the biggest burden of driving is the cost of vehicle maintenance, servicing, and insurance. My goal is to severely reduce or even eliminate that burden and put more money back in our drivers’ pockets.”

In May, Lyft committed $100 million to better support its drivers by specifically putting thE money toward cheaper oil changes, basic car maintenance, serviced car washes and more. Lyft will also almost double its operating hours at its driver hubs in 15 cities throughout the nation.

The idea with that commitment is to help drivers make more money and maximize their earnings by offsetting the costs of driving. Other benefits will include car and SUV rentals, tax education and more.

Lyft also says it expects to more than double its driver base in the next five years. Currently, Lyft has 1.4 million drivers, according to its latest economic impact report. The hiring of Bousta also comes shortly after Lyft hit a $15.1 billion following a $600 million funding round and outlined its bike and scooter plans.

Karim Bousta, Lyft VP of Driver Experience Operations

It’s worth noting that Bousta’s boss, Lyft COO Jon McNeill, joined the company earlier this year — also from Tesla, where he served as president of sales and service.

“Karim is a creative and motivating leader with the talent, track record, and passion to revolutionize the Lyft driver experience,” Bousta said in a statement. “Drivers will see meaningful improvements top to bottom with Karim joining the team, and I’m excited to dig in with him.”

Google is running its playbook again of releasing big new products (or redesigns) to its average users and then moving what works over to its enterprise services, G Suite, today by making the Gmail redesign generally available to G Suite customers.

Gmail’s redesign launched for consumers in April earlier this year, including new features like self-destructing messages, email snoozing and other new features in addition to a little bit of a new look for the service that has more than 1 billion users. All those services are useful for consumers, but they might actually have more palatable use cases within larger companies that have to have constant communication with anywhere from a few to thousands of employees. Email hell is a common complaint for, well, basically every single user on Facebook, Twitter, LinkedIn or anywhere else people can speak publicly to any kind of network, and any attempts to tackle that — that work, at least — could have pretty substantial ramifications.

Google is directly competing with other enterprise mail services, especially as it looks to make G Suite a go-to set of enterprise tools for larger companies. It’s a nice, consistent business that can grow methodically, which is a kind of revenue stream that Wall Street loves and can cover the potential trip-ups in other divisions. Google has also made a big push in its cloud efforts, especially on the server front with its competitors for Microsoft and Azure — which doesn’t make it that surprising that Google is announcing this at what is effectively its cloud conference, Google Cloud Next 2018 in San Francisco.

The new Gmail uses machine learning to find threat indicators across a huge bucket of messages to tackle some of the lowest-hanging fruit, like potential phishing attacks, that could compromise a company’s security and potentially cost millions of dollars. Google says those tools protect users from almost 10 million spam and malicious emails every minute, and the new update also gives G Suite users access to those security features, as well as offline access and the redesigned security warnings that Google included in its consumer-focused redesign.

Whether companies will adopt this redesign — or at least what rate they will — remains to be seen, as even small tweaks to any kind of software that has a massive amount of engagement can potentially interrupt the workflow of users. We’ve seen that happen before with Facebook users losing it over small changes to News Feed, and while enterprise Gmail is definitely a different category, Google has to take care to ensure that those small changes don’t interrupt the everyday use cases for enterprise users. If companies are going to pay Google for something like this, they have to get it right.

We know by now that usernames and passwords are a poor way of securing applications and online services, but they remain for the most part a key tool in the security arsenal. The trouble is that with all of the security breaches in recent years from Equifax to Anthem to Target (and many others), people’s credentials have been widely shared on the internet black market.

Google wants to help fix that problem and today at Google Next, it announced Context-aware access, a new program that looks beyond your credentials to other factors to help determine if it’s really you or someone pretending to be you.

Context-aware access lets administrators define a set of information that could help them more accurately ascertain the identity of the person trying to access your service. “Context-aware access allows organizations to define and enforce granular access to GCP APIs, resources, G Suite, and third-party SaaS apps based on a user’s identity, location, and the context of their request,” Google explained.

One way to better understand the person accessing your services is to look at some contextual clues such as where they are logging on, the IP address of the machine they are logging on from, the time of day and other factors. Does all of this make sense based on what you know about the person?

The idea flips the notion of security responsibility on its head. Instead of requiring the user to be completely responsible for proving who they are, it puts the burden (and control) in the hands of the administrator where it makes more sense.

Google created this security tool because it recognizes as well as any company that users aren’t tied to the office anymore. They are working on mobile devices and accessing apps and cloud services and it becomes more difficult to trust identity, especially with so many stolen credentials out there.

The new program builds on Google’s BeyondCorp vision, an idea they began developing in 2011 to address the fact that computing no longer took place inside a clearly defined perimeter. In the days before mobile and cloud, people generally accessed computer systems from a specific place. If someone tried to log on from outside of that, you could catch them and turn them away.

Mobile and the cloud changed all that and Google began defining an idea called Zero Trust, the notion that you don’t trust anyone on your services and build an appropriate security position based on that idea. Identity is really central to this, but at some point, even in a Zero Trust model, you have to let people in and do business on your services. This tool gives administrators in a Zero Trust Model much more information to work with beyond a username and password to determine if the user is authentic or not.

Context-aware access management is available today for customers using ​VPC Service Controls. It will be available soon for customers using ​Cloud Identity and Access Management​ (IAM), ​Cloud Identity-Aware Proxy​ (IAP), and ​Cloud Identity​, according to the company.

Google today said it will be rolling out an enterprise version of its Google Voice service for G Suite users, potentially tapping a new demand source for Google that could help attract a whole host of new users.

Google voice has been a long-enjoyed service for everyday consumers, and offers a lot of benefits beyond just having a normal phone number. The enterprise version of Google Voice appears to give companies a way to offer those kinds of tools, including AI-powered parts of it like voicemail transcription, that employees may be already using and potentially skirting the guidelines of a company. Administrators can provision and port phone numbers, get detailed reports and set up call routing functionality. They can also deploy pone numbers to departments or employees, giving them a sort of universal number that isn’t tied to a device — and making it easier to get in touch with someone where necessary.

All of this is an effort to spread adoption of G Suite among larger enterprises as it offers a nice consistent business for Google. While its advertising business continues to grow, the company is investing in cloud products as another revenue stream. That division offers a lot of overhead while Google figures out where the actual total market capture of its advertising is and starts to work on other projects like its hardware, Google Home, and others.

While Google didn’t explicitly talk about it ahead of the conference today, there’s another potential opportunity for something like this: call centers. An enterprise version of Google Voice could give companies a way to provision out certain phone numbers to employees to handle customer service requests and get a lot of information about those calls. Google yesterday announced that it was rolling out a more robust set of call center tools that lean on its expertise in machine learning and artificial intelligence, and getting control of the actual numbers that those calls take in is one part of that equation.

There’s also a spam filtering feature, which will probably be useful in handling waves of robo-calls for various purposes. It’s another product that Google is porting over to its enterprise customers with a bit better controls for CTOs and CIOs after years of understanding how normal consumers are using it and having an opportunity to rigorously test parts of the product. That time also gives Google an opportunity to thoroughly research the gaps in the product that enterprise customers might need in order to sell them on the product.

Google Voice enterprise is going to be available as an early adopter product.

The pace of cord cutting in the U.S. is increasing faster than expected, according to a new forecast released this week by eMarketer. The analyst firm is now projecting the number of those ditching their subscriptions to cable and satellite TV will climb 32.8 percent this year to reach 33 million people – a figure that’s higher than the 22 percent growth rate and 27.1 million cord cutters it had estimated around this time last year.

The report points out that partnerships between traditional pay TV companies and over-the-top providers, such as Netflix, haven’t helped to stem the time of cord cutting. Most U.S. pay TV providers – including Dish, Charter and Comcast – offer integrations with Netflix today, it notes. But it seems cord cutters are more interested in just Netflix and other streaming services, not in pay TV plus Netflix.

“These partnerships are still in the early stages, so we don’t foresee them having a significant impact reducing churn this year,” said Marketer senior forecasting analyst Christopher Bendtsen. “With more pay TV and [over-the-top] partnerships expected in the future, combined with other strategies, providers could eventually slow—but not stop—the losses,” he noted.

That said, pay TV subscribers today still far outnumber cord cutters.

There are 186.7 million U.S. adults watching cable, satellite or telco-provided pay TV in 2018, compared with the 33 million projected cord cutters. However, the number of pay TV subscribers is down 3.8 percent over last year, which is a little bit higher than the 3.4 drop in 2017.

Meanwhile, streaming services are gaining because of the pay TV losses. eMarketer increased its estimates for several streaming services’ viewership numbers, as a result.

Now, it forecasts YouTube will have 192 million U.S. viewers in 2018, followed by 148 million for Netflix, 89 million for Amazon, 55 million for Hulu, 17 million for HBO Now, and 7 million for Sling TV.

These figures are higher than currently reported subscriber numbers. For example, Hulu today says it has 20 million subscribers. Sling TV has 2.3 million. Netflix has 57 million. But eMarketer isn’t tracking “subscribers” – it’s estimating “viewers,” which it says is any individual of any age watching the streaming service at least once per month. That means it’s accounting for households with multiple people, including children.

The firm says cord cutters are attracted to the platforms not just because of the lower cost, but also the original programming.

“The main factor fueling growth of on-demand streaming platforms is their original content,” said eMarketer principal analyst Paul Verna. “Consumers increasingly choose services on the strength of the programming they offer, and the platforms are stepping up with billions in spending on premium shows. Another factor driving the acceleration of cord-cutting is the availability of compelling and affordable live TV packages that are delivered via the internet without the need for installation fees or hardware,” he added.

Equidate, a 4.5-year-old, San Francisco-based marketplace that makes privately held shares available to accredited investors wanting to buy them, is announcing a whopper of a round this morning: $50 million in Series B funding from Financial Technology Partners, Panorama Point Partners, and Operative Capital. The company had earlier raised only very small seed and Series A rounds from renowned investors Scott Banister, Tim Draper, and Peter Thiel.

The round is entirely unsurprising, given the circle of life for many venture-backed startups, which is to raise capital, raise more capital if your company takes off, then . . . raise even more capital — sometimes a staggering amount — while pushing off an IPO or sale for as long as possible. (After all, at this point, you need to ensure that when you do make a move, your company is valuable enough to return all that money and then some.)

The cycle won’t change any time soon, given the amounts of late-stage capital being raised to support it. Sequoia Capital is well on its way to closing an $8 billion fund. Insight Venture Partners last week closed a $6.3 billion fund. Lightspeed Venture Partners announced $1.8 billion across two new funds earlier this month. Index Ventures closed on two funds totaling $1.65 billion earlier this month index. It goes on and on.

While an interesting and complicated and controversial trend for many reasons, including that many more “unicorns” are being minted than will be giant success stories, the shift toward pushing out potential liquidity events has been very propitious development for  secondary players — outfits like Industry Ventures and EquityZen and Saints Capital — that help employees and early investors in privately held companies sell their “pre-IPO” holdings to someone else.

It’s been good news, too, for Equidate, whose profile has been rising behind the scenes, including in part to its role in working with the streaming music service Spotify ahead of its direct public listing in April. According to Equidate cofounder and co-CEO Sohail Prasad, by encouraging an active secondary market ahead of that move, Spotify was able to glean the volume and price discovery information it needed to set a fair price for its public market shares, and Equidate handled 40 percent of those trades.

Equidate, which employs 26 people, typically requires a minimum investment of between $20,000 and $50,000. It serves accredited and institutional investors only. With exceptions, it keeps 5 percent of each transaction as its commission fee, and it says that it’s on track to transact $1 billion worth of shares this year.

Other past companies that Equidate has either worked with directly — or, at least, that haven’t stopped Equidate from selling their privately held shares — include Didi, the major Chinese ride-sharing company; Meituan Dianping, the highly valued, China-based group-buying website for locally found consumer products and services (it filed to go public last month); Tencent’s music service, which also plans to list soon; and Xiaomi, the smartphone maker that went public in Hong Kong earlier this month.

Indeed, asked about trends he is seeing in the secondary market, Prasad notes companies are staying private longer, prompting more of them to think about “interval liquidity programs” that let employees and early shareholders sell during pre-set windows.

He also notes that unlike in recent years, where money around the world was looking for opportunities in Silicon Valley, “we’re seeing more VCs and hedge funds looking at these new Asian unicorns and Chinese unicorns in particular as a great opportunity.

Pictured above, left to right, Equidate cofounders and co-CEOs Sohail Prasad and Samvit Ramadurgam.