Year: 2019

07 Aug 2019

Your security team is probably an infuriating obstacle – but it doesn’t have to be this way

Security is empty, meaningless theater — or, at least, that’s the lesson taught to most employees of most large companies. Security is your password expiring every few months, your inability to access crucial services if you’re new or a contractor, a salty message from a team you’ve never met explaining that your new initiative is not permitted, a transparently convenient excuse when someone doesn’t want to admit their real reason. Security is bullshit.

I can cite more examples from my own career as a consultancy CTO than I care to think about. The household-name company whose security team explained that cloud services were inherently insecure, until the day they decided to switch to AWS and began to explain how local servers were inherently insecure. The household-name companies who deluged us with detailed security questionnaires regarding the security of our servers, but whose assessment protocols were then unable to comprehend our “uh, everything’s in the cloud with GitHub and GSuite etc., we have no servers of our own” responses without hour-long handholding calls.

Which is why it was such a glorious breath of fresh air to hear Dino Dai Zovi’s keynote speech at the Black Hat security conference in Las Vegas this morning. Dai Zovi, staff security engineer at Square, argued that the all-too-common model of security as a team which sits and snipes at the people who actually build things, telling them no and pointing fingers, is in fact fantastically counterproductive.

Instead, he argued, security has to change its culture, which is far more important than strategy, which in turn is far more important than tactics. Instead of security becoming a faraway flaming hoop to jump through, teams should become responsible for their own security. Furthermore, security engineers should write code to help those teams. Fuzzing is great, but as he put it, “the next level is making fuzzing easy for software developers, because there are way more of them than there are of us.”

Most importantly — and most revolutionary — he argued that instead of defaulting to saying “no” all the time, and throwing up as many obstacles as possible, security people should always start with “yes, and here’s how we can help.” The fact this is so different from today’s practice that it actually sounds comical says a lot, none of it good.

The sad truth is that still, today, in the real world of enterprise software, security as most employees and vendors encounter it tends to be at least as performatively useless as the “take off your shoes & take out your liquids” security theater of American airports. The horror stories are legion. You have your own, I’m sure. Who doesn’t?

A couple more: Once a movie studio who wanted us to do some minor web-development work, for ancillary web sites with no real connection to their intellectual property, told us we would not be able to do anything unless our (primarily remote) workforce had continuous keycard access to, and closed-circuit camera coverage of, every computer which might work on these sites … then intimated that what they really needed was just for those boxes to be checked, not for any of that to actually happen.

Another time, a big company insisted that we become SOC-2 compliant — SOC-2 being a standard birthed not in tech but in accounting, and seemingly primarily designed to provide full employment for accountants rather than, you know, meaningful security standards and processes — without caring which, if any, of SOC-2’s five “trust services” we were talking about; they just needed to tick the “SOC-2 compliant” box on their list of vendors.

It doesn’t have to be this way. Security people could be contributors, rather than gatekeepers. And if they were, everyone would find it easier, more rewarding, and more intuitive to contribute to security. Siloed security bureaucracies aren’t just slow and frustrating; in the long run they are inherently a more fundamental threat to the security of the companies infested by them than any exterior hacker or even APT ever could be. It’s long past time we all learned that lesson.

07 Aug 2019

Samsung’s Galaxy Note gets even larger (and smaller)

The first Note was a spectacle. It wasn’t just the reintroduction of the stylus. In 2011, the idea of a 5.3 inch phone was laughable. Around the same time, Steve Jobs famously mocked a push toward 4-inch-plus phones, telling a press conference, “no one’s going to buy that.”

With the average phone size hovering about 5.5 inches these days, Samsung clearly won that round. Of course, the push has been helped considerably by an ever-improving screen-to-body ratio. Jobs’ concerns about not being able to get one’s hand around a device no longer apply to a majority of these handsets.

Today in Brooklyn, Samsung is pushing things even further, with the introduction of a new subset of Galaxy Note devices. The Note 10+ is a 6.8 inch device. Among other things, the introduction of a new model differentiates the line slightly from Samsung’s other flagship line. The earlier arrival of an S Plus model meant that the S Pen was essentially the only distinguishing factor here.

https://techcrunch.com/2019/08/07/this-is-samsungs-galaxy-note-10-and-10/

Having spent some time with both Note 10 models, I can say I’m impressed with what the company has managed to do from a design perspective. The 10+ impressively has roughly the same footprint as the 6.4 inch Note 9, making carrying around such a massive device that much less absurd.

What’s really interesting here, however, is that the company took the rare action of actually shrinking down the standard Note from 6.4 to 6.3 inches. Weird, right? Yeah, well, these are weird times, friend.

The thinking behind the smaller screen was apparently to make the device more accessible to first time buyers. That seems a bit silly when talking about a literal fraction of an inch, but the improved screen-to-body ratio makes it that much smaller.

Here are the main distinctions between the two models:

  • Note 10: Display 6.3-inch FHD+ AMOLED, 2280×1080 (401ppi); Note 10+: 6.8-inch Quad HD+ AMOLED, 3040×1440 (498ppi)
  • Note 10: 3,500mAh battery; Note 10+: 4,300mAh battery
  • Note 10: 8GB RAM, 256GB storage; Note 10+: 12GB RAM, 256GB storage (with 512GB option)
  • The Note 10+ also has an additional TOF sensor on the rear camera array for depth sensing and an optional 5G model
  • Note 10: Starts at $949; Note 10+: Starts at $1,100

07 Aug 2019

The headphone jack dies not with a bang, but a Note

Next month marks three years since Apple unceremoniously murdered the headphone jack. Courage. The company was roundly mocked for its own hype, and the intervening product cycles have been marked by several companies proudly showcasing their staunch refusal to cave.

None were more vocal about clinging to the 3.5mm jack than Samsung. And the company certainly deserves kudos for turning the once ubiquitous port into a distinguishing feature. Like I said a couple of weeks ago, if nothing else, Samsung ought to get a bit of credit for the continuing high quality of the headphones it bundles in with its flagships. It’s been an Apple blindspot, while Samsung has cancelled with comfortable, quality, AKG-branded headphones.

Never forget where you were at 4PM ET on August 7, 2019. That’s when the torch carrier finally extinguished the flame at the tail end of the dongle decade. The Note 10 is here and the headphone jack is gone.

https://techcrunch.com/2019/08/07/this-is-samsungs-galaxy-note-10-and-10/

You already know the whys. Apple discussed them three years ago. So did Google after quickly reversing its own foot dragging on the Pixel line. But Samsung has had well over three years to prepare for this inevitable moment. The company knew there would be a little egg on its face after a few years of talking up the port. But when you’ve been through a Galaxy Fold relaunch and two Note recalls, this is a veritable cakewalk.

Samsung’s primary driver here is the same as everyone else’s: space. The Note 10 and Note 10+ are big phones with big batteries (3,500mAh and 4,300mAh, respectively). For reasons that are clear for anyone who’s been following the line for some time, the company hit pause on the battery race for a while there, focusing instead on safety issues.

With that particular crisis well in the past now, however, battery life is once again central — as it should be. In order to make more room for mAhs, the company dropped the port and picked up the dongle. The tipping point, it says, came when its internal metrics showed that a majority of users on its flagship devices (the S and Note lines) moved to Bluetooth streaming. The company says the number is now in excess of 70 percent of users.

I’ll be honest, that surprises me a bit, even now that Bluetooth headphones are far cheaper and more plentiful than just three years ago. And no doubt the number changes fairly dramatically when you start talking about entry- and mid-tier devices. The company wouldn’t come out and say it, but it seems this dramatic shift also marks the end of the jack for S series devices, when the S11 starts shipping next year.

As for the dongle, turns out it won’t ship in box. That’ll cost you extra. But the good news is that the Note will ship with a USB-C version of its excellent (by free in-box standards) AKG headphones. Also, Samsung is one of eight million or so companies currently making Bluetooth headphones.

And theirs are actually pretty good, turns out.

07 Aug 2019

This is Samsung’s Galaxy Note 10 and 10+

Eight years later, the Galaxy Note is undeniable. The original device, unveiled at IFA 2011, seemed unfathomably massive for a handset — all 5.3 inches of it. Nearly a decade and hundreds of millions of handsets later, the line has transformed the way we think about mobile devices.

Sure, the stylus hasn’t become a mainstream element on handsets outside of Note devices, but much of the rest of the industry has come around to Samsung’s way of thinking about big screens and productivity. Even foot-dragging Apple ultimately gave in. These days, the average screen size hovers about the 5.5-inch mark.

With the battle of screen sizes long since won, Samsung has an entirely different battle on its hands. With the smartphone market plateauing — and even receding — for the first time ever, companies have a difficult task on their hands. How can they make continually compelling offerings every six months?

The truth is that companies have painted themselves into a corner. Smartphones have gotten so good that users don’t need to upgrade nearly as frequently. The good ones have also gotten extremely expensive, regularly starting north of $1,000. Between the S and Note series, Samsung has moved to a six-month release cycle, with the respective phones being used to funnel new features to both lines every half a year. In the process, the company has blurred the lines between the two, with the S Pen remaining the one true differentiator between devices.

With the introduction of the Note 10 and Note 10+, however, Samsung is attempting to broaden the appeal of its secondary flagship. Like the S line, the Note has been split into two distinct devices (well, three, when you factor in 5G — more on that later). The standard Note 10 marks a rare step down in screen size — though only slightly.

The base-level Note downgrades from 6.4 to 6.3 inches. Why? Samsung believes a move to a slightly smaller form factor makes the device that much more accessible. It’s a small concession, a literal fraction of an inch. But when you consider the fact that the newly introduced Note 10+ has roughly the same footprint as the Note 9, you begin to realize how much more compact the Note 10 is.

That’s one thing Samsung has progressively gotten better at, year in, year out. The screen to body ratio on the new Notes is impressive. I’ve read a fair amount of critical hindsight recently about how the first Note was received as being “too large.” The fact of the matter is that it was massive, even by today’s standard. Sure, 5.3-inch is nothing in terms of screen size in 2019, but back then that required a lot more phone.

You’ve likely seen plenty of renders of the device before now — and they’ve basically all proven to be true. It’s a nice-looking phone. Samsung’s leaned in further on the curves, leaving little to no bezel on the thing. The cutout camera on the S10+ has been ditched in favor of a single small hole punch floating in the center (Samsung tells me it’s ditched the dual-selfies in favor of improving the single one via software, machine learning and the like).

Also notably missing is the headphone jack. After years of mocking Apple and its ilk, the company’s inevitably eating a bit of crow on this one. The tipping point is two-fold. First, big batteries are back, at 3,500mAh on the 10 and 4,300mAh on the 10+. For reasons you know but we won’t get into here, Samsung put the larger battery on hold for a bit, in favor of additional safety precautions.

https://techcrunch.com/2019/08/07/the-headphone-jack-dies-not-with-a-bang-but-a-note/

The other big factor is the Bluetooth tipping point. The company says a majority of flagship owners are now listening to music through a wireless connection (anecdotally around 70+%). Obviously that figure drops when dealing with less expensive handsets — people buying mid- and low-tier devices are still less inclined to shell out for Bluetooth headphones. Expect Samsung to blow through this bit of news pretty quickly at today’s event.

To help ease the shift, Samsung is including a pair of USB-C AKG headphones in the box. No dongle in-box, though. That’ll cost you.

Also gone is the standalone Bixby button. Instead, the power button summons Bixby with a long press. You can still remap that function, as well. Samsung is still pumping money into its smart assistant, but has generally acknowledged the lukewarm presence.

But enough of what we’re missing, right?

The back of the device (which sports some lovely new prism color schemes) sports a triple-camera area. There’s a 16 megapixel ultra wide, 12 megapixel standard wide angle and 12 megapixel telephoto. The 10+, meanwhile, brings a time of flight sensor, for added depth detection. It’s one of a small handful of distinctions between the models, including screen and battery size.

The TOF sensor brings a 3D scanner feature to the camera, so users can scan an object and turn it into a moveable render. Honestly, that one still feels pretty niche. The company adds that there are some additional potential AR features there, though those will be in the hands of developers.

Zoom-In Mic is a cool addition to video, which uses the mic array to direct sound recordings to the spot where you’ve focused the camera. That will be a cool one to test out when we get more time with the phone in the near future. Night Mode, meanwhile, has been added to the 10 megapixel front-facing camera for all of those low-light selfies.

AR Doodle is one of the neater camera software add-ons, letting users scribble on spots in space with the S Pen or add images and masks to faces. Move the phone around the room and they maintain their position. Add that one to the fun-but-not-particularly-useful list of AR applications.

The S Pen itself has shifted to a more solid unibody design. Samsung has also added the ability to create custom gestures with the input device. On the software front, the main addition is better handwriting recognition. I tried it out and it did a pretty solid job with my horrible chicken scratch.

DeX continues to be a key piece of the puzzle for Amazon. Here that includes new drag and drop capabilities between the Note and a connected Mac or PC. The company says the feature is much improved over past attempts at Android/desktop functionality. Honestly, the DeX branding is getting a bit cloudy at this point — that’s only made more murky by the addition of a non-DeX Link to Windows feature that brings notifications and messages straight to a connected Windows 10 PC.

That’s more of a minor branding quibble, though.

Inside you’re getting the Qualcomm Snapdragon 855 (not plus, mind), coupled with 8GB of RAM on the 10 and 12GB on the 10+. Both versions feature a base 256GB of storage (no microSD), while the 10+ also has a 512GB version.

As usual, nothing too major to complain about here. The Note 10 feels like a pretty small upgrade in the grand scheme of things. The biggest news this time out is the addition of a second, XL size.

Pre-orders open tomorrow, August 8th for both. They’ll be in stores on the 23rd. The 10 starts at $950 and the 10+ starts at $1,100. Pre-order deals include accessories like the Charging Duo pad and Galaxy Watch Active.

There’s a 5G version of the Note 10+ available, as well, at the same time. That’s going to be a Verizon exclusive at launch, however, with pricing still TBD.

07 Aug 2019

There’s a 5G version of Samsung’s Galaxy Note 10+ headed for Verizon

The 5G iPhone isn’t expected until roughly this time next year. But when it comes to the next-gen cellular technology, Samsung has already been there and done that. Back in February, the company announced an everything and the kitchen sink version of the Galaxy S10, sporting 5G — its first device to do so. The model was finally made available last month.

At this afternoon’s Unpacked event in Brooklyn, the Note got its own 5G version — though the device got a little less time in the spotlight. That’s due, in part, to the fact that there is otherwise very little daylight between the 5G model and the standard Note 10+. Well, that and pricing, of course.

The device launches August 23 as a Verizon exclusive, running $1,300 to the standard version’s $1,100. The carrier partnership means there’s also a $36 a month for 36 months licensing model here.

Other details, including how the product’s battery will last with 5G switched on, are still TBD. Thankfully the Note 10+ has a pretty beefy 4,300mAh battery as a base. The devices also feature Samsung’s standard vapor chamber cooling system, which will hopefully address some of 5G’s overheating issues.

As with the other versions, pre-orders open at midnight tonight, and all will be available in stores on the 23rd. The exclusivity is limited. The companies won’t say which carriers will get it when, but I’d say AT&T seems like a pretty safe bet.

07 Aug 2019

U.S. regulators take aim at Tesla over Model 3 safety claims

Tesla’s claims about the safety of its Model 3 electric vehicle prompted U.S. regulators to send a cease-and-desist letter and escalate the matter by asking the Federal Trade Commission to investigate, according to documents released by the non-profit legal transparency website Plainsite.

The documents show correspondence between the lawyers at National Highway Safety Administration and Tesla that began after the automaker’s October 7 blog post that said the Model 3 had achieved the lowest probability of injury of any vehicle the agency ever tested. Plainsite received the documents through a Freedom of Information Act request.

NHTSA took issue with the blog post, arguing that Tesla’s claims were inconsistent with its advertising guidelines regarding crash ratings. The matter might have ended with that demand. But NHTSA took the issue further and informed Tesla it would ask the Federal Trade Commission to weigh in.

“This is not the first time that Tesla has disregarded the guidelines in a matter that may lead to consumer confusion and give Tesla an unfair market advantage,” the letter dated October 17 reads. “We have therefore also referred this matter to the Federal Trade Commission’s Bureau of Consumer Protection to investigate whether these statements constitute unfair or deceptive acts or practices.”

Tesla did not respond to a request for comment.

The automaker’s lawyers did, however, push back against NHTSA’s request, according to the correspondence released by Plainsite. Tesla lawyers argue in one letter that the company’s statements were neither “untrue nor misleading.”

“To the contrary, Tesla has provided consumers with fair and objective information to compare the relative safety of vehicles having 5-star overall ratings,” the letter from Tesla’s deputy general counsel reads.

The documents posted by Plainsite also showed NHTSA requested sales data on all Tesla vehicles produced since July 2016 with or without Autopilot, the automaker’s advanced driver assistance system. The agency also issued subpoenas to Tesla ordering it to produce information on several crashes, including a January 25, 2019 crash in San Ramon, Calif. The subpoenas requested information about the vehicle, its owner, history, and videos and images related to the crash and were to be sent to NHTSA’s Office of Defects Investigations.

07 Aug 2019

Government and nonprofit discounts available for Disrupt SF 2019

Disrupt San Francisco 2019 takes place on October 2-4. More than 10,000 people — tech founders, investors, hackers, leaders, makers and shakers — will gather for three days focused on early-stage startups. And if you work for a government agency or a nonprofit, we have great news in the form of a deep discount on Innovator passes.

We want as many different voices at the Disrupt table as possible, so take advantage of this opportunity and let your voice be heard. Your price of admission: $495, which saves you $800 over the early-bird price. Only your Innovator pass is discounted — not your Disrupt experience.

You’ll have access to the full conference and all the programming across the Main Stage, the Extra Crunch Stage, the Showcase Stage and Q&A sessions. That includes Startup Battlefield, our epic pitch competition, where extraordinary startups compete for $100,000.

Explore more than 1,000 early-stage startups and sponsors camped out in Startup Alley, participate in interactive workshops and network, network, network. Speaking of networking, you can use CrunchMatch, our free attendee networking platform, to seek out and make appointments with the people who can move your business forward.

Your pass also gets you into the always-awesome TechCrunch networking events. When the conference ends, you also have access to our library of event video content, so no worries if you miss anything.

And in a classic “but wait, there’s more” moment, your Innovator pass also gives you access to discounted airline fares and hotel rooms. Ka-ching.

That’s a whole lotta value, amirite? And now here comes the fine print.

All discounted tickets are non-refundable, and you can’t combine them with any other offer. To qualify for the discount, you must be a current, full-time employee of a nonprofit organization, a federal, state or local government agency, an international government agency or be an active military member.

Nonprofit employees must provide their email address from their organization during the online registration process. Government employees must provide their valid .gov email address during the registration process.

At the on-site registration check-in, you must show proof of current employment at your nonprofit (copy of 501c3 documentation) or government organization. Government contractors, including contractors working on government “Cost Reimbursable Contracts,” are not eligible for the government discount.

We accept the following forms of valid government ID:

  • Government-issued Visa, MasterCard or American Express
  • Government picture ID
  • Military picture ID
  • Federally Funded Research Development Corp (FFRDC) ID

If you don’t present valid nonprofit documentation or government ID at registration, you’ll have to pay the full on-site price ($1,995).

Disrupt San Francisco 2019 takes place on October 2-4, and we have a limited number of these tickets. Buy your discounted Innovator pass today and secure your place at the table.

07 Aug 2019

Trump administration bans federal agencies from buying Huawei, ZTE tech

The Trump administration has banned U.S. federal agencies from buying equipment and obtaining services from Huawei and two other companies as part of the government’s latest crackdown on Chinese technology amid national security fears.

Jacob Wood, a spokesperson for the White House’s Office of Management and Budget, was quoted as saying that the administration will “fully comply” with the legislation passed by Congress as part of a defense spending bill passed last year.

CNBC first reported the spokesperson’s remarks.

The new rule will take effect in a week — August 13 — and will also take aim at Chinese tech giants ZTE, Hytera, and Hikvision, amid fears that the companies could spy for the Chinese government. The rule comes in a year before Congress’ mandated deadline of August 2020 for all federal contractors doing business with Huawei, ZTE, Hytera, and Hikvision.

The government will grant waivers to contractors on a case-by-case basis so long as their work does not pose a national security threat.

Huawei has long claimed it does not nor can it spy for the Chinese government. Critics, including the government and many lawmakers, say the company’s technology, primarily networking equipment like 5G cell stations, could put Americans’ data at risk of Chinese surveillance or espionage. Huawei has vigorously denied the allegations, despite findings from the U.K. government that gave a damning assessment of the technology’s security.

The company first came to focus in 2012 following a House inquiry, which labeled the company a national security threat.

Spokespeople for Huawei and ZTE did not respond to requests for comment.

07 Aug 2019

With MapR fire sale, Hadoop’s promise has fallen on hard times

If you go back about a decade, Hadoop was hot and getting hotter. It was a platform for processing big data, just as big data was emerging from the domain of a few web-scale companies to one where every company was suddenly concerned about processing huge amounts of data. The future was bright, an open source project with a bunch of startups emerging to fulfill that big data promise in the enterprise.

Three companies in particular emerged out of that early scrum — Cloudera, Hortonworks and MapR — and between them raised more than $1.5 billion. The lion’s share of that went to Cloudera in one massive chunk when Intel Capital invested a whopping $740 million in the company. But times have changed.

Falling hard

Just yesterday, HPE bought the assets of MapR, a company that had raised $280 million. The deal was pegged at under $50 million, according to multiple reports. That’s not what you call a healthy return on investment.

07 Aug 2019

Daily Crunch: Disney reveals streaming bundle

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. Disney will bundle Hulu, ESPN+ and Disney+ for a monthly price of $12.99

Disney’s streaming services just became even more appealing, since you’ll be able to get the full bundle for the same price as Netflix’s standard U.S. plan.

On its own, Disney+ will cost $6.99 per month, and it will include a big chunk of the Disney-Fox content library, as well as new shows set in the Star Wars and Marvel universes.

2. Twitter ‘fesses up to more adtech leaks

Twitter may have shared user data with advertising partners, even when a user had expressly told it not to.

3. Trump attacks Google and Sundar Pichai in morning tweets

Frankly, just copy-pasting that headline made me feel tired, but these kinds of comments could have a real impact on Google’s plans.

4. FedEx ends ground-delivery contract with Amazon

This means FedEx will not be providing any last-mile delivery service for Amazon, which is expanding its own shipping capabilities considerably.

5. In a 130-page court filing, Kik claims the SEC’s lawsuit ‘twists’ the facts about its online token

The Securities and Exchange Commission filed a lawsuit claiming that Kik’s $100 million token sale was illegal. Now the company filed a 130-page response, asking for an early trial date and dismissal of the complaint, while also alleging that the SEC is “twisting” the facts about its token, called Kin.

6. What tech gets right about healthcare

Why is tech still aiming for the healthcare industry? It seems full of endless regulatory hurdles, not to mention stories of misguided founders with no knowledge of the space. But sometimes, startups figure it out. (Extra Crunch membership required.)

7. Segment CEO Peter Reinhardt is coming to TechCrunch Sessions: Enterprise to discuss customer experience management

As part of a panel that includes Qualtrics’ Julie Larson-Green and Adobe’s Amit Ahuja, Reinhardt will discuss the difficulties companies face in collecting data to build a picture of the customer, then using it to deliver more meaningful experiences.