Year: 2018

12 Oct 2018

Facebook breach saw 15M users’ names & contact info stolen, 14M’s bios too

Facebook has now detailed what data was scraped and stolen in the breach it revealed two weeks ago. 30 million users, not 50 million as it initially estimated, had their access tokens stolen by hackers. Users can check Facebook’s Help Center to find out if their information was accessed, and Facebook will send customized alerts to those impacted detailing what was accessed from their account and what they can do to recover. It’s currently not clear if all the information accessed was necessarily scraped.

Facebook’s VP of product management Guy Rosen told reporters on a press call that “We are cooperating with the FBI on this matter” and that “the FBI have asked us not to discuss who may be behind this attack” as its own investigation is ongoing. Disclosing anything about the perpetrator now could cause them to cover their tracks.

15 million of the 30 million users had their name plus phone number and/or email accessed. 14 million had that info plus potentially more biographical info accessed, including “username, gender, locale/language, relationship status, religion, hometown, self-reported current city, birthdate, device types used to access Facebook, education, work, the last 10 places they checked into or were tagged in, website, people or Pages they follow, and the 15 most recent searches”. The remaining 1 million users’ information wasn’t accessed.

Facebook’s other apps including Messenger, Messenger Kids, Instagram, WhatsApp, Workplace, and Pages, as well as its features for payments, third-party apps, advertisers, and developers were not accessed. Facebook says that law enforcement has asked it not to discuss evidence regarding who committed the attack as the FBI continues its investigation.

Facebook says the breach started when hackers with some access tokens exploited a combination of three bugs related to its “View As” privacy feature for seeing your profile from the perspective of someone else. This let them gain access to those accounts’ friends, leading them to steal access tokens for 400,000 accounts, and they then used a different method to grab tokens from 30 million of their friends.

Unlike most breaches, this one appears to have turned out to be less severe than initially expected. Users seem to already be forgetting about the breach after a short hiccup where they had to log back in to Facebook. It’s possible that this could impact Facebook’s user counts slightly in its Q3 earnings report. But unless a truly nefarious use case for the accessed data is revealed, the breach could fade into the noise of non-stop cybersecurity failures across the web, including Google+’s breach that was covered up and has now prompted the Facebook competitor’s shutdown.

12 Oct 2018

Want to reduce fraud? Make a better password, dummy!

Researchers at Indiana University have confirmed that stringent password policies – aside from being really annoying – actually work. The research was led by Ph.D. student Jacob Abbott, IU CIO Daniel Calarco, and professor L. Jean Camp, who published their findings in a paper entitled “Factors Influencing Password Reuse: A Case Study.”

“Our paper shows that passphrase requirements such as a 15-character minimum length deter the vast majority of IU users (99.98 percent) from reusing passwords or passphrases on other sites,” said Abbott. “Other universities with fewer password requirements had reuse rates potentially as high as 40 percent.”

To investigate the impact of policy on password reuse, the study analyzed password policies from 22 different U.S. universities, including their home institution, IU. Next, they extracted sets of emails and passwords from two large data sets that were published online and contained over 1.3 billion email addresses and password combinations. Based on email addresses belonging to a university’s domain, passwords were compiled and compared against a university’s official password policy.

The findings were clear: Stringent password rules significantly lower a university’s risk of personal data breaches.

In short, requiring longer passwords and creating a truly stringent password policy reduced fraud and password reuse by almost 99%. Further, the researchers found that preventing users from adding their name or username inside passwords is also pretty helpful. Ultimately, having a stringent password policy is far better than having none at all. It’s a no-brainer but it could be an important data point for your next tech project.

12 Oct 2018

Zyl is now a nostalgia-powered photo app

AI-powered photo management app Zyl is going back to the drawing board with a streamlined, more efficient redesign. The app is now focused on one thing only — resurfacing your old memories.

Taking photos on a smartphone is now a daily habit. But what about looking back at photos you took one year, three years or even eight years ago? It can pile up quite quickly. Zyl thinks there’s emotional value in those long-forgotten photos.

Before this update, Zyl helped you delete duplicates, create smart photo albums based on multiple criteria and collaborate on photo albums. In other words, it was a utility app.

But when the company started talking with some of their users, they realized that one feature stood out and had more value than the rest.

Applying those AI-powered models to your photo library is a great way to find interesting photos. But nobody was really looking at them.

When you open the app, you get a view of your camera roll with your last photos at the bottom. There’s also a big green button at the bottom. When you tap on it, Zyl creates a satisfying animation and unveils an important photo.

If you took multiple photos to capture this moment, the app stitches together those photos and creates a GIF. You can then share this Zyl with a friend or family member.

But the true magic happens if you try to get another Zyl. You have to wait 24 hours to unlock another photo. The next day, the app sends you a notification when your photo is ready. You can always open the app again and look at your past Zyls in a new tab with your most important photos.

Unlike Timehop or Facebook’s “On This Day” feature, Zyl doesn’t look at your social media posts and focuses on your camera roll. Zyl isn’t limited to anniversaries either.

Just like before, Zyl respects your privacy and leaves your photos alone. They’re never sent to the company’s server — Zyl uses the same photo database as the native one on your iPhone or Android phone so it doesn’t eat up more storage.

Over time, the app could give you more options by leveraging facial recognition and the intrinsic social graph of your photo library. Maybe you want to see more photos of your brother as his wedding is coming up.

And that notification can be a powerful nudge. I keep opening the app and sharing old photos. Zyl is a good example of the combination of something that you care about combined with an element of surprise.

12 Oct 2018

Facebook’s gaming hub Fb.gg launches into beta on Android

This summer, Facebook launched Fb.gg, its online gaming hub and Twitch competitor, designed to attract game streamers and their fans to watch videos on Facebook instead of on rival sites. The destination shows videos based on which games and streaming celebrities users follow, plus Liked Pages and Groups, and other featured suggestions of what to watch. Now, Fb.gg is expanding to mobile with its launch on Android.

The new app, first spotted by Sensor Tower, arrived just a few days ago and is currently in beta testing.

According to its description on Google Play, the app allows gamers and fans to discover a “universe of gaming content,” connect with creators and join communities, and play instant games like Everwing, Words with Friends, Basketball FRVR, and others.

From the screenshots, you can see how the Fb.gg app lets users tap navigation buttons at the top to find streamers to watch, or to view those streamers they’re already following, among other things. They can also participate in live conversations during gameplay with other viewers. Here, they can react to the stream using Facebook’s standard emoticon set of likes, hearts, haha’s and others.

Another section lets gamers jump into simple and popular mobile games. These titles are among those that were early participants in Facebook’s other gaming efforts in the past, like Instant Games on Facebook and Messenger.

Facebook has been trying to woo the gaming community for some time, to better compete against Amazon’s Twitch and Google’s YouTube. There’s a large and growing market for game streaming and viewing, with young viewers tuning in an average of 3+ hours a week to watch, as TechCrunch previously noted.

Facebook’s efforts to directly challenge Twitch and others kicked off in earnest this year, with the launch of its own version of Twitch’s Partner Program. Facebook’s gaming creator pilot program, as it’s called, allows viewers to tip their favorite gamers. And with the arrival of Fb.gg in June, the virtual currency involved in those tips was being referred to as Facebook Stars, with each star equating to $0.01.

Facebook said it takes a cut of fans’ purchases of stars, ranging from 5%-30%, depending on what size pack is bought.

Facebook also recently began testing a monthly subscription option with game streamers, similar to what’s offered by YouTube and Twitch.

Of course, to truly compete with Twitch and YouTube, Facebook needs to go mobile as well – especially since the upcoming Messenger redesign will hide away extraneous features, like mobile gaming. That’s where Fb.gg’s app comes in.

The Android version of the Fb.gg beta app launched on October 9, and already has over 10,000 installs, according to Google Play.

We’ve reached out to Facebook for comment on the launch.

12 Oct 2018

The real-life Emery and Evan from “Fresh off the Boat” launch Batu Capital for cannabis, crypto and big data startups

Brothers Evan and Emery Huang, founders of Batu Capital

Restaurateur and raconteur Eddie Huang is the best known of the three “Fresh off the Boat” brothers (it was his memoir that inspired the ABC sitcom), but his younger brothers Emery and Evan remain relatively mysterious even to its most loyal viewers. Though the two’s namesake characters are also prominently featured on the show, their real-life counterparts have kept a much lower public profile, making sporadic appearances on Eddie’s social media.

Emery and Evan, however, have been busy investing in real estate and recently branched into tech startups. Though their multi-family investment office Batu Capital just launched this year, it reached a big milestone this week when one of their first investments, MJ Freeway, an enterprise software developer for the cannabis industry, entered into a merger agreement with MTech that will make it part of a Nasdaq-listed holding company.

The fictionalized versions of Evan and Emery Huang, portrayed on “Fresh off the Boat” by Ian Chen and Forrest Wheeler. (Photo by Vivian Zink/ABC via Getty Images)

In an interview, the two brothers told TechCrunch about moving into the tech sector and the startups they want to fund in the United States, China and Southeast Asia. Batu Capital is focused on finding companies in the cannabis, blockchain and crypto sectors, as well as big data.

In addition to MJ Freeway, which provides enterprise resource planning and compliance tracking software for the cannabis businesses, its portfolio also includes Vidy, a startup building a new approach to video ads on Ethereum, and Sora Ventures, a crypto-backed blockchain and digital currency venture fund. Batu Capital invests in seed or Series A stage companies or Series C and pre-IPO and its typical check size will be about $500,000 to $2 million.

Though Batu isn’t a single family office, instead raising capital from a network of limited partners for each investment, its creation was motivated by Emery and Evan’s desire to protect their family’s assets after several generations of political and social upheaval.

“Long story short, our family has made and lost fortunes more than five times within the past two generations and quite frankly I’ll be damned if we let it happen again in me and Evan’s lifetime,” Emery says.

Before World War II, the Huang brothers’ paternal relatives amassed a railroad fortune, but lost it all during the Japanese invasion of Nanjing. They escaped to Chongqing and began rebuilding their wealth through real estate, but were forced to flee to Taiwan during the Chinese Communist Revolution, losing everything once again. Meanwhile their maternal grandparents had also fled from China to Taiwan to escape the Japanese army. Though they had worked in banking before, they survived in Taipei by selling steamed buns on the street for several years until getting jobs in a textile plant, eventually opening their own curtain and upholstery fabric factory.

Like many who had escaped the Chinese Communist Party, however, the boys’ relatives remained wary of another invasion and though they had rebuilt their lives in Taiwan, both sides eventually left for the U.S. That’s where their parents, Louis and Jessica, met, married, and had their three sons. “Fresh off the Boat,” the first American primetime sitcom in 20 years to star Asian-Americans, is a fictionalized version of the Huang family’s ups-and-downs as Louis and Jessica build a restaurant business in Florida, where the brothers grew up.

Investing in the backbone of new industries

All three brothers gained business experience by working on BaoHaus, the popular restaurant chain Eddie launched on the Lower East Side of Manhattan in 2009. Emery, who had won the Writers of the Future Grand Prize for science fiction writing, exited early and moved to China. He wanted to work on novels set there, but also look for new investment opportunities. At that time, Emery and Evan were helping their parents prepare for retirement by exiting the restaurant business and they began investing the family’s assets in real estate, brokering deals between Chinese investment groups and New York City property owners before deciding to branch into tech.

Batu Capital is named after Batu Khan, the Mongol ruler and founder of the Golden Horde dynasty, in a nod to their love of Mongolian history (they also recently discovered, thanks to 23andMe tests, that they have some Mongolian heritage through both their parents).

The firm is focusing on cannabis because of its “massive addressable market, both in terms of pain management and medical usage, as well as recreational usage,” Emery says. In particular, the brothers are hopeful that it can replace the $17 billion painkiller market, but without the side effects that have contributed to the opioid epidemic. As for crypto, Emery says the brothers “were really drawn to the applications of blockchain technology, not just for currency, but blockchain in general, and smart ledgers in general, as a way to archive information in terms of data storage and data fidelity.”

In each sector, Evan says Batu looks for companies that want to build solutions for the “overall infrastructure of the industry.”

For example, MJ Freeway helps growers and dispensaries manage their business while making sure they comply with state and federal regulations. Vidy, meanwhile, is using blockchain to reboot the way publishers display ads. Instead of automatic pop-ups or embeds, readers can decide if they want to see a video by placing their finger or cursor over text in an online article (try it in this Esquire Singapore article by hovering over the pink highlighted text).

By allowing readers an easy opt-in to streaming videos, Vidy hopes to give publishers a more nuanced understanding of user engagement. The startup, whose partners include Mediacorp, Mercedes-Benz, and Deliveroo, also created its own ERC20 utility token, called VidyCoin, which advertisers use to purchase ad placements and readers can earn by watching videos. Recording transactions on blockchain enables Vidy to guard against different types of online ad fraud, including click spam.

With their family’s past setbacks in mind, the Huang brothers say one priority is to make sure their portfolio is geographically diverse. In addition to the U.S. and China (Emery is based in Shanghai and Evan is planning to move from the U.S. to Beijing soon), Batu Capital is also looking at growth markets in Southeast Asia, in particular the Philippines and Cambodia. The latter not only benefits from Chinese funding, but also provides more transparency for investors, they say.

“Our number one priority for startups is the executive team. We want to make sure it’s people who have a track record of building up companies in that industry or related industries, or that have experience that can transfer over. They have to have a competitive edge in the market. For example, what’s their niche in the big data space or do they have strategic partnerships?” Emery says. “The same thing with crypto and cannabis. We don’t just invest in the space. We need to make sure they stand out.”

12 Oct 2018

IBM files formal JEDI protest a day before bidding process closes

IBM announced yesterday that it has filed a formal protest with the U.S. Government Accountability Office over the structure of the Pentagon’s winner-take-all $10 billion, 10-year JEDI cloud contract. The protest came just a day before the bidding process is scheduled to close. As IBM put it in a blog post, it took issue with the single-vendor approach. It is certainly not alone.

Just about every vendor short of Amazon, which has remained mostly quiet, has been complaining about this strategy. IBM certainly faces a tough fight going up against Amazon and Microsoft.

IBM doesn’t disguise the fact that it thinks the contract has been written for Amazon to win, and it believes the one-vendor approach simply doesn’t make sense. “No business in the world would build a cloud the way JEDI would and then lock in to it for a decade. JEDI turns its back on the preferences of Congress and the administration, is a bad use of taxpayer dollars and was written with just one company in mind,” IBM wrote in the blog post explaining why it was protesting the deal before a decision was made or the bidding was even closed.

For the record, DOD spokesperson Heather Babb told TechCrunch last month that the bidding is open and no vendor is favored. “The JEDI Cloud final RFP reflects the unique and critical needs of DOD, employing the best practices of competitive pricing and security. No vendors have been pre-selected,” she said.

Much like Oracle, which filed a protest of its own back in August, IBM is a traditional vendor that was late to the cloud. It began a journey to build a cloud business in 2013 when it purchased Infrastructure as a Service vendor SoftLayer and has been using its checkbook to buy software services to add on top of SoftLayer ever since. IBM has concentrated on building cloud services around AI, security, big data, blockchain and other emerging technologies.

Both IBM and Oracle have a problem with the one-vendor approach, especially one that locks in the government for a 10-year period. It’s worth pointing out that the contract actually is an initial two-year deal with two additional three-year options and a final two-year option. The DOD has left open the possibility this might not go the entire 10 years.

It’s also worth putting the contract in perspective. While 10 years and $10 billion is nothing to sneeze at, neither is it as market-altering as it might appear, not when some are predicting the cloud will be a $100 billion a year market very soon.

IBM uses the blog post as a kind of sales pitch as to why it’s a good choice, while at the same time pointing out the flaws in the single vendor approach and complaining that it’s geared toward a single unnamed vendor that we all know is Amazon.

The bidding process closes today, and unless something changes as a result of these protests, the winner will be selected next April.

12 Oct 2018

With TodayTix Presents, TodayTix is starting to produce its own live shows

Mobile ticketing app TodayTix is getting into the show production business with the launch of a new program called TodayTix Presents.

While TodayTix is sometimes described as the mobile version of the TKTS booth where you can pick up last-minute tickets to Broadway shows, CEO Brian Fenty said that he sees the service’s real competitors as “anything you can do with your night, outside of work — that’s Netflix and ‘Orange is the New Black,’ that’s post-season baseball, that’s a pitcher of margarita.”

At the same time, Fenty said after driving a total of $250 million in sales and to 4.6 million customers, the company has built a rich trove of data about people’s cultural interests. So with that in mind, it made sense for TodayTix to follow Netflix’s footsteps with “the same ethos that they had, to develop and to nurture programming and content that’s intimately connected to what users and what customers want to see.”

This doesn’t mean TodayTix is going to be producing spectacular Broadway productions. Instead, Fenty pointed to the TodayTix Live concert in Brooklyn last month as the first of these shows.

That concert, which celebrated TodayTix’s five-year anniversary and was hosted by Darren Criss, featured (mostly) Broadway stars like Matthew Morrison and Ariana Debose, who (mostly) performed pop standards.

Fenty said future TodayTix Live events won’t follow the exact same format, but the idea is to continue featuring popular artists in intimate settings — he compared it to “MTV Unplugged.” In fact, he suggested that with 300 attendees, last month’s concert was about as big as these shows will get.

And because these are small, one-off events, Fenty said they’re not competitive with the big shows that TodayTix works with.

“[Our partners] are doing longform, high-budget, highly developed shows that take years to develop and are fully baked,” he said. “Really what TodayTix Presents is supposed to be is a work-in-progress, an intimate way to see an artist.”

TodayTix already has plans for another New York City event in November, and then two in December. Fenty said “the cadence should roughly be a few events per quarter to start,” and that there will be shows across the service’s 13 markets.

12 Oct 2018

Half of all devices now run iOS 12

Half of all devices are now running the latest version of the iOS mobile operating system, iOS 12, according to figures shared by Apple. On devices introduced in the last four years, that number is as high as 53 percent. And iOS 12 adoption is taking place more quickly than the last release did, Apple also notes.

As we previously reported, it took until November 6, 2017 for iOS 11 to reach 52 percent of all current iPhones and iPads. iOS 12 achieved that milestone in mid-October.

Apple’s new figures, available here on its Apple Developer website, also confirm a third-party report released last week, which claimed to show a similar trend. According to Mixpanel’s findings, then roughly 47.6 percent of all iOS devices were running iOS 12, while 45.6 percent were running iOS 11. The remaining devices were running an older version, it had said.

Apple’s data backs this up, too, showing iOS 12 at 53 percent on all devices introduced since September 2014, followed by iOS 11 at 40 percent, then the remaining 7 percent running an earlier version of iOS.

In terms of all iOS devices, Apple’s figures are: iOS 12 at 50 percent, iOS 11 at 39 percent, with 11 percent running an earlier iOS version.

The adoption rates related to the new version of Android look far different, by comparison. The latest release, Android Oreo (8.0 and 8.1), runs on just 19.2 percent of devices. Nougat, Marshmallow, Lollipop, and KitKat still have large install bases as well, at 20.3 percent, 21.6 percent, 18.3 percent, and 7.8 percent, respectively.

But Apple has an advantage when it comes to distributing its mobile OS. While Google pushes out updates to its own supported Pixel, Nexus and Android One devices, Android updates, for the most part, are handled by OEMs and carriers.

The new data on iOS 12 adoption rates follow another third-party report, this one from CIRP, which claims Apple is catching up to Android loyalty rates in Q3 and is seeing retention rates that are at an all-time high. CIRP’s reporting is based on survey data, however, not direct measurements like Mixpanel and Apple’s figures are.