Author: azeeadmin

In September, Amazon launched its Alexa Gadgets Toolkit into beta, allowing hardware makers to build accessories that pair with Amazon Echo over Bluetooth. Today, one of the most memorable (and quite ridiculous) examples of that technology is going live. Yes, I’m talking about the Alexa-enabled Big Mouth Billy Bass, of course. You know, the talking fish that hangs on the wall, and has now been updated to respond to Alexa voice commands?

Amazon first showed off this technology over a year ago at an event at its Seattle headquarters, then this fall confirmed the talking fish would be among the debut products to use its new Alexa Gadgets Toolkit.

The toolkit lets developers build Alexa-connected devices that use things like lights, sound chips or even motors, in order to work with Alexa interfaces like notifications, timers, reminders, text-to-speech, and wake word detection.

The talking fish can actually do much of that.

According to the company’s announcement, Big Mouth Billy Bass can react to timers, notifications, and alarms, and can play Amazon Music. It can also lip sync to Alexa spoken responses when asked for information about the weather, news, or random facts.

And it will sing an original song, “Fishin’ Time.”

When the gadget is plugged in and turned on, it responds: “Woo-hoo, that feels good!”

(Oh my god, who is getting this for me for Christmas?)

“This is not your father’s Big Mouth Billy Bass,” said Vice President of Product Development at Gemmy Industries, Steven Harris, in a statement about the product’s launch. “Our new high-tech version uses the latest technology from Amazon to deliver a hilarious and interactive gadget that takes everyday activities to a fun new level.”

The fish can be wall-mounted on displayed using an included tabletop easel, the company also says.

The pop culture gag gift was first sold back in 1999, and is now updating is brand for the Alexa era.

Obviously, Big Mouth Billy Bass is not a product that was ever designed to be taken seriously – but it should be interesting to see if the updated, “high-tech version” has any impact on this item’s sales.

The idea to integrate Alexa into the talking fish actually began in 2016, when an enterprising developer hacked the fish to work with Alexa much to the internet’s delight. His Facebook post showcasing his work attracted 1.8 million views.

The Alexa-connected fish is $39.99 on Amazon.com.

(h/t Business Insider)

The legal bill for Uber’s 2016 data breach, which affected some 57 million customers, revealing names, email address and phone numbers, has increased by more than a million dollars.

Two months ago the ride-hailing giant agreed to pay $148M to resolve legal inquiries pertaining to the breach in the U.S., with that settlement covering all 50 states and the District of Columbia.

However the breach also involved European users’ data. And yesterday the UK’s data protection watchdog, the ICO, announced it was fining Uber £385,000 (~$490k) under the domestic legal regime.

The Dutch data protection watchdog also issued a fine yesterday, slapping Uber with a €600k (~$670k) penalty for violating local laws.

On the EU law front, Uber has dodged a bit of bullet here as the timing of the breach falls under both country’s prior data protection regimes.

In the UK the maximum penalty was just £500k vs up to 4% of a company’s global annual turnover under the EU’s new General Data Protection Regulation (GDPR).

A proportionately large fine under GDPR would likely have been considerably larger.

The ICO notes that the records of almost 82,000 drivers based in the UK — including details of journeys made and how much they were paid — were taken during the breach incident which took place in October and November 2016 but which Uber only publicly disclosed a year ago.

While in the Netherlands the regulator notes that the breach affected 174,000 Dutch citizens.

GDPR has also brought in pan-EU breach disclosure requirements, which mean data controllers must now notify relevant authorities within 72 hours of a major breach affecting European citizens’ personal data. And data controllers can be fined for delaying a breach notification.

The UK watchdog said its investigation of the 2016 Uber breach found ‘credential stuffing’ was used to gain access to Uber’s data storage — referring to a process by which compromised username and password pairs are injected into websites until they are matched to an existing account.

However the watchdog also makes a point of underlining Uber’s problematic handling of the incident, couching this as “inadequate decision-making”, not merely censuring Uber’s also “inadequate” security.

Instead of disclosing the breach in a timely fashion Uber chose to pay $100,000 to hackers who had obtained the cache of personal data, asking them to destroy it, and routing this payment through a third party that administers its bug bounty program.

The ICO describes this cover-up as “inappropriate”, pointing out that the hackers acted maliciously, as they sought to exploit a vulnerability to illegally gain access to data — so were not at all “legitimate bug bounty recipients”.

Commenting in a statement, ICO director of investigations, Steve Eckersley, said: “Paying the attackers and then keeping quiet about it afterwards was not, in our view, an appropriate response to the cyber attack. Although there was no legal duty to report data breaches under the old legislation, Uber’s poor data protection practices and subsequent decisions and conduct were likely to have compounded the distress of those affected.”

“This was not only a serious failure of data security on Uber’s part, but a complete disregard for the customers and drivers whose personal information was stolen. At the time, no steps were taken to inform anyone affected by the breach, or to offer help and support. That left them vulnerable,” he added.

In the full decision text detailing the reasons for the monetary penalty the ICO also writes that its intent is to “deter further contraventions of this kind, both by Uber and by others”.

The Dutch watchdog also flags Uber’s failure to promptly disclose the breach as grounds for its fine.

We reached out to Uber for comment and a spokesman emailed us the following statement:

We’re pleased to close this chapter on the data incident from 2016. As we shared with European authorities during their investigations, we’ve made a number of technical improvements to the security of our systems both in the immediate wake of the incident as well as in the years since. We’ve also made significant changes in leadership to ensure proper transparency with regulators and customers moving forward. Earlier this year we hired our first chief privacy officer, data protection officer, and a new chief trust and security officer. We learn from our mistakes and continue our commitment to earn the trust of our users every day.

Uber did not respond to a request for comment on the ICO’s description of its cover-up as “inappropriate”.

Google may have dodged a raised right hand moment on the Hill this year as top executives from Twitter and Facebook faced Congress, but the company will now have its own time in the hot seat.

First reported by the Washington Post, Google CEO Sundar Pichai will appear before the House Judiciary Committee on December 5, just one week from today. TechCrunch has confirmed Pichai’s planned appearance. While there are any number of reasons that Congress might want to hear from Google, Pichai’s appearance will reportedly serve as a response to unsubstantiated claims that Google has an anti-conservative bias.

Pichai agreed to testify some time this year back in September at the request of House Majority Leader Kevin McCarthy, one vocal critic who has accused the company of algorithmic bias. While that issue might still be at the forefront for some committee Republicans, getting the company’s chief executive on the stand will open the entire can of worms on Google’s recent controversies.

For Google, a lot has happened since September. For one, the company is still dealing with internal and external criticism about its plans to build a search engine tailored to meet China’s censorship specifications. In October Google also revealed that it was aware of a bug in Google+ that exposed user data dating all the way back to 2015. As recently as this month, Google has been dealing with walkouts and a widespread backlash against its handling of sexual harassment cases within the company. And that’s just to name a few.

Needless to say, Pichai will have plenty to answer for in his time on the witness stand. Assuming the plan goes forward, we can expect House Republicans and Democrats alike to come out swinging on their pet issues in a likely lengthy and wide-ranging testimony.

Augmented reality is a very buzzy space, but the fundamental technologies underpinning it are pushing boundaries across a lot of other verticals. Tech like machine learning, object recognition and visual mapping tech are the pillars of plenty of new ventures, enabling there to be companies that thrive in the overlap.

Phiar (pronounced fire) is building an augmented reality navigation app for drivers, but the same tech it’s built to help drivers easily pinpoint where they need to make their next turn also helps them build up rich mapping data that can give partners like autonomous car startups the high-quality data they so deeply need.

The SF-based company has just closed a $3 million seed deal led by Norwest Venture Partners and The Venture Reality Fund. Other investors include Anorak Ventures, Mayfield Fund, Zeno Ventures, Cross Culture Ventures, GFR Fund, Y Combinator, Innolinks Ventures and Half Court Ventures.

While phone and headset-based AR have received a lot of the broader media attention, the automotive industry is a central focus for a lot of augmented reality startups attracted by the proposition of a mobile environment that can showcase and integrate bulky tech. There have certainly been quite a few heads-up display startups looking to take advantage of a car’s windshield real estate, and prior to joining Y Combinator, Phiar was actually looking to build some of this hardware themselves before deciding on a more software-focused route for the company.

Unlike a lot of phone AR apps built on top of Apple or Google’s developers platforms, Phiar’s use case doesn’t quite work with the limitations of these systems which understandably weren’t built with the idea a user would be moving at 60 miles per hour. As a result the company has had to build tech to greater understand the geometry of a quickly updating world through a single camera while ensuring that it’s not just some ugly directional overlay, using techniques like real-time occlusion to ensure that the digital and physical worlds interact nicely.

While the startup’s big consumer-facing play is the free AR mobile app, Phiar is really just an augmented reality company on the surface, its real sell is what it can do with the data and insights gathered from an always-on dash camera. The same object recognition tech that will allow the app to seamlessly toss AR animations onto the scene in front of you is also analyzing that environment and uploading metadata to build up its mapping insights.

In addition, the app saves up to 30 minutes of footage from each ride, offering users the utility of a free dash cam in case they get in an accident and need video for an insurance claim, while providing some rich anonymized data for the company to build up high quality mapping data it can sell to partners.

This kind of data is incredibly useful to companies building autonomous car tech, ride sharing companies and a lot of entities that are interested in access to quickly-updating map data. The challenge for Phiar will be building up enough users so that their map data is as rich as their partners will demand.

CEO Chen-Ping Yu says that the startup is in talks with partners in the automative space to integrate their tech and is also working to bring what they’ve built to companies in the ride-sharing space. Yu says the company plans to release their consumer app in mid-2019.

More than a year after patches were released to thwart powerful NSA exploits that leaked online, hundreds of thousands of computers are unpatched and vulnerable.

First they were used to spread ransomware. Then it was cryptocurrency mining attacks. Now, researchers say that hackers are using the leaked tools to create an even bigger malicious proxy network.

New findings from security giant Akamai say that the previously reported UPnProxy vulnerability, which abuses the common Universal Plug and Play network protocol, can now target unpatched computers behind the router’s firewall.

Attackers traditionally used UPnProxy to remap the port forwarding settings on an affected router, allowing the obfuscation and routing of malicious traffic — which can be used to launch distributed denial-of-service attacks or spread malware or spam. In most cases, computers on the network were unaffected because they were shielded by the router’s network address translation (NAT) rules.

But now, Akamai says that attackers using more powerful exploits to burrow through the router and infect individual computers on the network. That gives the attackers a far greater scope of devices it can target, and makes the malicious network far stronger.

“While it is unfortunate to see UPnProxy being actively leveraged to attack systems previously shielded behind the NAT, it was bound to happen eventually,” said Akamai’s Chad Seaman, who wrote the report.

The injections use two exploits — EternalBlue, a backdoor developed by the National Security Agency to target Windows computers; and its “sibling” exploit EternalRed, used to backdoor Linux devices, found independently by Samba. Where UPnProxy modified the port mapping on a vulnerable router, the Eternal family of exploits target the service ports used by SMB, a common networking protocol used on most computers.

Together, Akamai calls the new attack “EternalSilence,” drastically expanding the spread of the proxy network to many more vulnerable devices.

Akamai says more than 45,000 devices are already under the thumb of the massive network — potentially amounting to over a million computers, waiting for commands.

“The goal here isn’t a targeted attack,” said Seaman. “It’s an attempt at leveraging tried and true off the shelf exploits, casting a wide net into a relatively small pond, in the hopes of scooping up a pool of previously inaccessible devices.”

But Eternal-based intrusions are difficult to detect, making it difficult for administrators to know if they’re infected. That said, fixes for both EternalBlue and EternalRed have been available for more than a year — yet millions of devices remain unpatched and vulnerable.

The number of vulnerable devices is going down, but Seaman said that UPnProxy’s new capabilities “may be a last ditch effort to utilize the known exploits against a set of possibly unpatched and previously inaccessible machines.”

Patching against the Eternal exploits is better late than never, but it’s not a silver bullet to fixing the problem. Even disabling UPnP isn’t a one-stop solution. Seaman said it’s “the equivalent of plugging the hole in the boat, but it does nothing to address the water that has made it into your sinking ship.”

Flashing an affected router and disabling UPnP may remediate the issue, but Seaman said in his opinion that the router should probably be “completely replaced.”

Earlier this year, Rebecca Liebman impressed a panel of high-profile investors, including Ashton Kutcher and Salesforce chief executive Marc Benioff, at a SXSW pitch competition. She won and Benioff wrote her a check for $200,000 on the spot.

Today, she’s announcing that her educational fintech startup LearnLux has closed a $2 million seed round from Kutcher’s investment firm Sound Ventures, Benioff, Underscore VC and former Wealthfront CEO Adam Nash. LearnLux operates under a SaaS model, partnering with businesses to offer access to its digital financial wellness product, which helps employees make important financial decisions.

The Boston-based startup was founded by Liebman, 25, and her brother, Michael Liebman, 22, in 2015.

“He was coding from his dorm room when we were first building the product,” Rebecca said. “We’ve had a really interesting experience from a young age. I was working at a lab at MIT with brilliant Ph.D. students and no one could figure out how to open a retirement account. Michael was working at a bank with people who studied finance who still couldn’t figure out how to open a retirement account.”

LearnLux provides interactive learning tools and educational content created in-house to guide workers through their 401k, health savings accounts or stock options, for example. Rebecca says they’ve signed on 10 customers since launching in September.

“There are all these financial decisions you have to make and we allow you to have an interactive experience online where you can playout what those decisions will look like,” she said.

“Finance has been made to confuse people. We had to figure out how to break it down and explain it in a way that makes sense … Whatever kind of learner you are, you will understand more about your financial decisions with [LearnLux.]”

After eight years of bootstrapping, Deputy sought scale. So the workforce management platform turned to venture capital, quickly raising a $25 million Series A in early 2017. Today, Deputy is announcing a major accomplishment: the close of an $81 million round — the largest Series B in Australian history.

IVP has led the investment for the Sydney and Atlanta-headquartered company, with support from OpenView Venture Partners, Square Peg Capital and Equity Venture Partners. Deputy plans to invest the funds in engineering and product, building out those teams in both HQs.

Co-founder and chief executive officer Ashik Ahmed declined to disclose the valuation.

Deputy’s employee management tool makes scheduling, timesheets, tasks and workplace communication easier for hourly and shift workers. Ahmed tells TechCrunch the 10-year-old company has 90,000 customers in 80 countries, including Amazon, Google, McDonald’s, Compass and Uber. It’s scheduled some 200 million shifts, or 1.2 billion hours of work, and facilitated over $30 billion in payroll payments.

“Right now, the company grows every month as much as we did in [the first] six years,” Ahmed said. “Our growth … has really skyrocketed.”

Ahmed credits that growth to support from VCs.

“It’s not about the money but more about the expertise that we have been able to bring in,” he said. “OpenView, for example, has been really, really instrumental for the next stage of our journey.”

Deputy co-founder and CEO Ashik Ahmed.

Around the globe, most workers earn money on an hourly basis. In the U.S., according to the Bureau of Labor Statistics’ data from 2015, roughly 80 million workers were hourly or about 60 percent of all wage and salary workers in the country.

“The world of work is changing,” he said. “We are becoming more about instant gratification, we want what we want when we want it, and work is no different.”

“If businesses of today do not recognize the change that is happening, if they don’t adapt to it, they will become irrelevant tomorrow. Our goal is to help our customers adapt to this change by offering more flexibility in how they engage their workers. Our vision is to help these businesses thrive in the future world.”

The Boring Company’s big dig plans hit a snag this week, as the Elon Musk-led project announced that it would abandon plans to dig a massive tunnel beneath Los Angeles’ 405 freeway and Sepulveda Boulevard.

Musk and co. debuted the plan to drill on L.A.’s Westside last year, but ultimately reversed course after local lawsuits looked to subject the project to a review of its potential environment impact. The Boring Company had sought to fast track the proposed 2.7 mile tunnel, and a pair of city council members agreed.

“We cannot continue an item that’s going to delay innovation to our city,” one told The Los Angeles Times back in April. Ultimately, however, the suits have won out of this particular project.

“The parties (The Boring Company, Brentwood Residents Coalition, Sunset Coalition, and Wendy-Sue Rosen) have amicably settled the matter of Brentwood Residents Coalition et al. v. City of Los Angeles (TBC — The Boring Company),” the company writes in a statement sent to NBC.

In the next breath, however, it makes it clear that this move should in no way be regarded as the end of Musk’s L.A. digging plans. “The Boring Company is no longer seeking the development of the Sepulveda test tunnel and instead seeks to construct an operational tunnel at Dodger Stadium,” the statement adds.

The Boring Company finished work on a two-mile L.A. test tunnel earlier this month. Back in August, Musk proposed the Dodger Stadium project under the name “Dugout Loop,”  with plans to offer passage between the baseball stadium and a subway station three miles away.

Didi Chuxing, China’s largest ride-hailing company by number of users, has been struggling to recover from a major setback following the deaths of two passengers earlier this year. On Wednesday, its founder and CEO Cheng Wei released a letter detailing the company’s moves to step up safety oversight and meet new government rules, including a training program for drivers.

The Softbank-backed transportation giant, which acquired Uber’s China-based service in 2016 and was last valued at $56 billion, has been hit by a shortage of rides as regulators slashed stricter licensing requirements on drivers in the aftermath of the murders.

A number of Didi drivers who TechCrunch recently spoke to said they were considering quitting because the cost of compliance outweighs the return. Drivers need to, for instance, study and pass an exam to attain the desired papers. They must also register their car as a commercial vehicle and scrap it after eight years.

To attract drivers, Didi plans to offer training sessions and help them legalize, according to Cheng.

“We look forward to helping tens of millions of drivers to reach compliance goals and continue to work with us to meet the mobility demands of users and achieve sustainable long-term growth of the industry,” the CEO says in a statement.

There are still a large number of illegal rideshare drivers on the road, China’s Ministry of Transportation said during a joint meeting with the country’s internet security agency and other government organs on Wednesday. But that may change as soon as January 1 when Didi starts to ban unlicensed drivers from taking orders.

Other safety measures that Didi has taken include a continued suspension of its once popular carpooling service – which is linked to the passenger murders – Cheng announced today.

Didi isn’t the only ride-hailing firm facing increased regulatory scrutiny. During the government meeting, the Ministry of Transportation also lambasted smaller players, including state-owned Shouyue, Meituan Dianping’s ride-hailing app, and Alibaba’s AutoNavi, for lax safety practices.

Mission impossible: a new executive at LG is charged with fixing the company’s long-time loss-making smartphone division following a leadership change.

Hwang Jeong-hwan took the job as president of LG Mobile Communications last October, and this week he LG announced that he will be replaced by Brian Kwon, who is head of LG’s hugely profitable home entertainment business, from December 1.

“Mr. Kwon played a critical role in transforming LG’s TV, audio and PC business into category leaders and his knowledge and experience in the global marketplace will be instrumental in continuing LG’s mobile operations turnaround,” LG wrote in an announcement.

The company said Jeong-hwan had “successfully bolstered the operation’s quality assurance and product development efficiency.”

Those are interesting words, none of them mention the crisis that has seen LG’s mobile business continue to post big losses. This year to date, it lost the wider company some $410 million, including a $130.5 million net loss in the last quarter. In contrast, Kwon’s unit was the standout performer of the quarter, generating total sales of 3.71 trillion RKW ($3.31 billion) and a 325.1 billion KRW ($289.9 million) profit

That burn rate was cut during Hwang Jeong-hwan’s tenure, but it seems like there’s still much work to be done. Kwon — who LG describes as a “turnaround expert” — will combine his new role at the mobile business with his existing position as president of LG’s Home Entertainment Company. Hwang Jeong-hwan will move on to lead the company’s “Convergence Business Development Office.”

LG has also shuffled at the top of the tree. CEO Jo Seong-jin will “focus more on strategy and planning for the future” with president and CFO David Jung taking over a number of day-to-day responsibilities. LG has also restructured its vehicle component and business services divisions.