Author: azeeadmin

Ghostery is launching new versions of its browsers for iOS and Android. In fact, Director of Product Jeremy Tillman said this is the first big update to Ghostery’s mobile browsers in several years.

It’s not that mobile wasn’t a priority for the team before this, but Tillman said, “In our previous company, we didn’t have a ton of resources — we always had to choose which thing to work on.” Apparently that changed last year with Ghostery’s acquisition by German browser company Cliqz.

The first big launch after the acquisition was Ghostery 8, the latest version of the team’s privacy-focused extension for desktop browsers. Next up: Bringing those features over to mobile.

Tillman said the goal was to create “a browser that can go toe-to-toe with Chrome” while also incorporating Ghostery’s privacy protection capabilities. Those capabilities include the ability to block different kinds of ad tracking by category (tracking for advertising, adult advertising and site analytics are turned on by default).

There’s also a built-in ad blocker, and Ghost Search, a privacy-focused search engine based on Cliqz technology that does not store any personally identifiable information. (If you’re not satisfied with the Ghost Search results, you can also see results from other search engines.) The presentation is different from a standard search engine, with three “dynamic result cards” that surface content as soon as you start entering search terms. And there’s Ghostery Tab, a home screen that highlights your favorite or most visited sites, as well as the latest news stories.

The Android version includes additional features, including AI-powered anti-tracking and “smart blocking” that’s supposed to improve page performance.

Tillman described the result as “a cleaner, faster, safer mobile browsing experience.” He also said that moving forward, Ghostery will be working to provide “an ecosystem of products” that “protect our users wherever they’re interacting with the Internet.”

The launch comes as the big Internet platforms face growing scrutiny over how they handle user data. Tillman argued that by simply giving consumers a more privacy-friendly alternative, “We’re sort of collectively negotiating a better Internet for them” — and he’s hoping Ghostery can be more involved as publishers try to find alternatives to advertising.

“Our goal isn’t to, say, topple Google and Facebook, but to provide that alternative to those that want it — both for content creators but also for users themselves,” he said.

iOS 12 is still brand new, but Apple is already testing iOS 12.1 with a developer beta version. Steve Troughton-Smith and Guilherme Rambo found references to a brand new iPad that would support Face ID.

First, there are changes to Face ID. You can find references to landscape orientation in the iOS 12.1 beta. Face ID on the iPhone is limited to portrait orientation. Chances are you didn’t even notice this limitation because there’s only one orientation for the lock screen and home screen.

But the iPad is a different story as people tend to use it in landscape. And even when you hold it in landscape, some people will have the home button on the left while others will have the home button on the right.

In other words, in order to bring Face ID to the iPad, it needs to support multiple orientations. This beta indicates that iOS 12.1 could be the version of iOS that ships with the next iPad.

If that wasn’t enough, there’s a new device codename in the setup reference files. This device is called iPad2018Fall, which clearly means that a new iPad is right around the corner.

Analyst Ming-Chi Kuo previously indicated that the iPad Pro could switch from Lightning to USB-C. This would open up a ton of possibilities when it comes to accessories. For instance, you could plug an external monitor without any dongle and send a video feed to this external monitor.

As for iPhone users, in addition to bug fixes, iOS 12.1 brings back Group FaceTime, a feature that was removed at the last minute before the release of iOS 12. If it’s still too buggy, Apple could still choose to remove the feature once again. Memojis could support iCloud syncing across your devices, which would be useful for an iPad Pro with Face ID.

Leena AI, a recent Y Combinator graduate focusing on HR chatbots to help employees answer questions like how much vacation time they have left, announced a $2 million seed round today from a variety of investors.

Company co-founder and CEO Adit Jain says the seed money is about scaling the company and gaining customers. They hope to have 50 enterprise customers within the next 12-18 months. They currently have 16.

We wrote about the company in June when it was part of the Y Combinator Summer 2018 class. At the time Jain explained that they began in 2015 in India as a company called Chatteron. The original idea was to help others build chatbots, but like many startups, they realized there was a need not being addressed, in this case around HR, and they started Leena AI last year to focus specifically on that.

As they delved deeper into the HR problem, they found most employees had trouble getting answers to basic questions like how much vacation time they had or how to get a new baby on their health insurance. This forced a call to a help desk when the information was available online, but not always easy to find.

Jain pointed out that most HR policies are defined in policy documents, but employees don’t always know where they are. They felt a chatbot would be a good way to solve this problem and save a lot of time searching or calling for answers that should be easily found. What’s more, they learned that the vast majority of questions are fairly common and therefore easier for a system to learn.

Employees can access the Leena chatbot in Slack, Workplace by Facebook, Outlook, Skype for Business, Microsoft Teams and Cisco Spark. They also offer Web and mobile access to their service independent of these other tools.

Photo: Leena AI

What’s more, since most companies use a common set of backend HR systems like those from Oracle, SAP and NetSuite (also owned by Oracle), they have been able to build a set of standard integrators that are available out of the box with their solution.

The customer provides Leena with a handbook or a set of policy documents and they put their machine learning to work on that. Jain says, armed with this information, they can convert these documents into a structured set of questions and answers and feed that to the chatbot. They apply Natural Language Processing (NLP) to understand the question being asked and provide the correct answer.

They see room to move beyond HR and expand into other departments such as sales or customer service that could also take advantage of bots to answer a set of common questions. For now, as a recent YC graduate, they have their first bit of significant funding and they will concentrate on building HR chatbots and see where that takes them.

In the arms race of ad blocking there’s clearly never a dull moment as efforts to block ads are combated by publisher and platform countermeasures trying to fox the blocks.

This is why Adblock Plus maker, eyeo, says it’s getting more serious in how it tackles what it dubs “circumvention technologies” — by setting up an interdisciplinary team internally that’s devoted to countering the ad blocker blockers.

It also says it wants the team to “work alongside publishers to develop user-friendly alternatives to so-called circumvention technology” — which, at the base level, boils down to trying to sell them on signing up its Acceptable Ads whitelist, aka the official way to circumvent its ad blocks (which also involves paying it a fee).

Though it also talks about promoting other more ‘user-friendly’ alternatives to reinjecting ads (such as paywalls).

Prior to creating the anti-circumvention taskforce eyeo says efforts towards blocking circumvention of ad blocks were mostly carried out by interested others outside the company — aka the open source community, filter list authors and developers of other ad blockers — who worked together, along with some from within eyeo, to try to fox the would-be ad block foxers.

It also says that effort was “somewhat siloed” — whereas now it’s confident its interdisciplinary taskforce is going to be more effective, claiming: “The results have already spoken for themselves.”

One result that eyeo stands by (though it predates the creation of the taskforce) is successfully beating back Facebook’s efforts to slip its ads past Adblock Plus.

Ben Williams, director of advocacy at eyeo, confirms to TechCrunch it’s now just short of a year since it figured out a way to counter Facebook’s workaround for Adblock Plus ad blocks.

“We can almost promise our users that Facebook will be back with a fix to our fix,” he wrote in October last year. “The good news is that the ultimate eventuality here is Facebook moving to make ads indistinguishable from content. And it’s not likely they’ll go that far.”

Williams tells us now that the taskforce represents “an effort to provide users with a better experience and to show them our efforts in securing it”.

“The taskforce will respond to users and their requests for a better experience, wherever that may be. In general, we at eyeo welcome all conversations with publishers to support meaningful and respectful monetisation,” he said. “The task force is charged with finding technical solutions to third-party circumvention. At eyeo, our mission is to provide users with control when they’re online, while keeping the web fair and profitable.”

While eyeo accepts that the number of circumvention technologies in play has increased, presumably as increasingly revenue-strapped publishers seek ways to workaround ad blocks, it argues that going against the wishes of users is “ineffective, and ultimately harmful to publisher revenue”. The company would clearly prefer publishers to submit to its Acceptable Ads whitelist route.

“We believe that the independent, third-party Acceptable Ads Standard, developed by the Acceptable Ads Committee, is the long-term solution to securing a sustainable advertising industry,” agrees Williams. “The Acceptable Ads marketplace provides users with a respectful ad experience, while allowing publishers to monetise.”

“In a much more general sense, the right way to deal with a user who blocks all or filters some ads is to talk to them and let them decide if and how they want to pay for the content,” he adds.

“For instance, circumvention is often confused with “anti-adblock walls,” which ask users to disable their ad blockers (the two are totally different). A wall such as this is just one alternative, which keeps users in control and does not attempt to circumvent their wishes.”

Williams says v3.1 of Adblock Plus, which landed back in April, baked in “new and significant anti-circumvention measures” for the first time — and he lauds “early results”, saying the addition resulted in 103 websites being “freed from reinjected ads”.

“The most common method used is to serve first-party ads with a randomized ID. The advertisement is stored on the same server as the main website, so blocking a specific domain does not work. We’re happy to say that we’re now more successful in combating this type of circumvention,” he says of circumvention techs.

“It’s important to keep in mind that circumvention is not something new — it’s been around since the start of ad blocking. It’s just that there are more third-party providers of circumvention now than there used to be.

“Our efforts with the taskforce are geared toward giving users of all ad blockers a better experience. However, circumvention has always been a cat-and-mouse game – it’s just that now the mouse is ready for anything the cat might throw its way.”

Security firm FireEye has confirmed that a widely used web payment portal used to pay for local government services, like utilities and permits, has been targeted by hackers.

Hackers have broken into self-hosted Click2Gov servers operated by local governments across the US, likely using a vulnerability in the portal’s web server that allowed the attacker to upload malware to siphon off payment card data over a period of “weeks to numerous months,” Nick Richard, FireEye’s principal threat intelligence analyst, told TechCrunch.

Superion, a major technology provider that owns the web payment portal Click2Gov, said in June following a confirmed breach last year that there was “no evidence” that the portal was unsafe to use amid reports of suspicious activity by customers. Superion issued patches after several customers complained that their credit card information had been stolen, but said that it was largely up to local governments and municipalities to patch their servers.

But since then, several more local government sites were identified as victims of the malware.

FireEye’s incident response arm Mandiant said the hacker used the server vulnerability to upload a tool, which it calls FIREALARM, to sift through server log data for credit card data, while another piece of malware it’s calling SPOTLIGHT to intercept credit card data from unencrypted network traffic. Once collected, the data is encoded and exfiltrated by the hacker.

Credit card numbers, expiration dates, and verification numbers, along with names and addresses were stolen by the malware, the security firm said.

But Richard said it’s not known how many victims there are for each compromised server.

“Any web server running an unpatched version of Oracle WebLogic would be vulnerable to exploitation, thus allowing an attacker to access the web server to manipulate Click2Gov configuration settings and upload malware,” said Richard.

FireEye did not say who was to blame for the attacks but said it was “likely” a team of hackers, given the skills necessary to pull off the attack.

“There is much left to be uncovered about this attacker,” FireEye said in a blog post, and anticipates that the hackers will “continue to conduct interactive and financially motivated attacks.”

Superion told TechCrunch that it has “diligently kept our customers informed while working with them to update available patches for the third-party software that contributed to the issue,” and that none of its cloud customers are affected.

Amazon’s Echo Dot may have been a bestseller on Prime Day, but Google’s Home Mini device is now the top-selling smart speaker worldwide, according to a new report out this morning from Strategy Analytics. The analyst firm says Google’s small speaker accounted for 1 in 5 smart speaker shipments in Q2 2018, edging out the Echo Dot with its 2.3 million global shipments compared to Echo Dot’s 2.2 million.

Combined, these two entry-level smart speakers – the Echo Dot and Home Mini – accounted for 38% of global shipments, the firm found.

In total, 11.7 million smart speaker devices were shipped during Q2, with 4 out of the top 5 devices coming from either Amazon or Google.

Following the Dot, was Amazon’s flagship Echo device with 1.4 million shipments, then Alibaba’s Tmail Genie (0.8m), and Google Home (0.8m).

Apple’s HomePod wasn’t ranked in the top five, but took a 6% share of the shipments in Q2.

However, HomePod’s premium focus and higher price tag allowed it to take a sizable chunk of smart speaker revenue during this period.

While the Home Mini and Echo Dot combined accounted for 17% of smart speaker revenues, Apple’s HomePod alone took a 16% share of wholesale revenues. And in terms of devices above the $200 price point, the HomePod had a 70% revenue share.

Strategy Analytics’s report also indicated this growing market is still in flux, thanks to expected new arrivals which could impact the shares held today by existing players.

“The number of smart speaker models available worldwide has grown significantly over the last twelve months as vendors look to capitalize on the explosive market growth,” said David Mercer, Vice President at Strategy Analytics, in a statement. “Heavyweight brands such as Samsung and Bose are in the process of launching their first models, adding further credibility to the segment and giving consumers more options at the premium-end of the marker,” he added.

Telegram has announced it will be migrating iOS users of its messaging app to a rebuilt-from-scratch Swift version.

It’s been running two versions of its app in parallel on iOS and Android during 2018 — officially announcing Telegram X in January, when it billed it as an experiment and said the alternative app “may or may not eventually replace the existing official apps”.

Well, that maybe has now become a certainty — at least on iOS.

In a post on his Telegram channel, founder Pavel Durov says the company will be replacing the iOS app with the Swift rebuild “within the next week or two”.

“As a result, Telegram will become faster, slicker and more efficient,” he writes. “Since it will rely on an entirely new codebase, some minor bugs and glitches might occur, but we’ll make sure they are quickly — or should I say “swiftly” — fixed.”

“This change will make Telegram the most popular messaging app written fully in Swift. Some would say it’s a big risk, but I think somebody has to take such risks and be the first to implement new technologies, such as e2e [end-to-end] encryption — or Swift,” adds Durov.

At the time of writing, the original Telegram iOS app and the Telegram X rebuild are both currently still available for download in the App Store.

It’s not clear whether Telegram will also be entirely replacing the Android app with the Telegram X Android version (or not). Nor what the iOS switch will mean for Telegram users running the app on a version of Apple’s mobile OS that doesn’t support Swift apps (iOS 6 or earlier).

Telegram may well be calculating that only a very small few number of its iOS users are likely that far behind on iOS updates. (Whereas the Android ecosystem is far more fragmented.)

Also unclear: Whether or not Telegram plans to open source Telegram X code.

It has open sourced Telegram client-side code in the past but has also faced criticism for not immediately publishing the most recent versions and for not open sourcing server-side code. (Though in an FAQ it still makes the claim that: “All code will be released eventually.”)

We’ve reached out to the company with additional questions about the switch to Telegram X and will update this post with any response.

In the current App Store description for Telegram X the iOS app is billed as “an alternative Telegram client built in Swift, with higher speed, slicker animations, themes and more efficient battery use”.

The Swift rebuild, which has been available on the App Store since January, has a 4.0 (out of 5) star rating — with reviewers lauding its faster speed but also reporting a few bugs and/or complaining about some missing features.

Magic Leap promised us a world of dreams, we’re getting Angry Birds.

After about a month in the public spotlight, the Magic Leap One is starting to get its first titles. Rovio and Resolution Games announced publicly today that they will be releasing Angry Birds FPS: First Person Slingshot this fall for the Magic Leap One.

It’s an actual game, not just a little tech demo. I had a chance to play with the soon-to-be-released title and it’s actually pretty refreshing and fun making the futuristic hardware feel a little less alien.

It wasn’t my first bout with Magic Leap’s new hardware, but it was the first time that I truly appreciated what improvements it boasts over hardware like Microsoft’s HoloLens.

You could probably beat the 20 levels of Angry Birds FPS in around an hour, but I started fumbling and having to seriously strategize after just a few of them, though like many others I can honestly say I haven’t played an Angry Birds title since I had an iPhone 3GS so it’s been a minute.

That said, the mechanics are pretty familiar in that you’re trying to knock over a little tower of blocks and the green pigs that inhabit their far reaches. What’s unique is that the tower is now stacked on your coffee table that you can approach from any angle and the Magic Leap controller is your slingshot that you can aim a lot more precisely as a result.

The Resolution Games team said that they had previously been experimenting with Microsoft’s headset but it was Magic Leap’s positionally tracked controller that really opened up the headset to develop something like a full gaming title.

It’s kind of interesting that Apple’s main ARKit 2 demo and Magic Leap’s first full title are slingshot games, but I guess you find what works and move from there.

The title isn’t ground-breaking by any means in terms of enabling some sort of futuristic AR use case, but what felt most unique was how familiar it felt. Part of that is obviously the IP with Angry Birds but it’s also a game that doesn’t ask you to freestyle too much and doesn’t give you a world of options. It felt like a mobile game, if only one that allowed you to visualize the mobile content overlaid on the world in front of you.

You learn to deal with limitations like field-of-view and there does seem to be a lot developers can do to minimize that being the only thing you focus on. It’s kind of bizarre that Magic Leap didn’t actually ship the headset with more content like this because the short demos that came onboard the One Creator’s Edition really didn’t sell it too well. Fortunately, the device is definitely a developer’s edition and it seems that even by the company’s developer conference next month, more content seems to be on the way from partners like Resolution Games and Rovio who have been building this title since January as an early partner of Magic Leap.

Magic Leap One may not be the headset everyone wanted it to be — or what the company told us it would be — but judging by the first big title coming to it, it seems like it gets enough right that developers are going to have a fun time with it even if it is just a labor of love for them right now.

Newegg is clearing up its website after a month-long data breach.

Hackers injected 15 lines of card skimming code on the online retailer’s payments page which remained for more than a month between August 14 and September 18, Yonathan Klijnsma, a threat researcher at RiskIQ, told TechCrunch. The code siphoned off credit card data from unsuspecting customers to a server controlled by the hackers with a similar domain name — likely to avoid detection. The server even used an HTTPS certificate to blend in.

The code also worked for both desktop and mobile customers — though it’s unclear if mobile customers are affected.

The online electronics retailer removed the code on Tuesday after it was contacted by incident response firm Volexity, which first discovered the card skimming malware and reported its findings.

Newegg is one of the largest retailers in the US, making $2.65 billion in revenue in 2016. The company touts more than 45 million monthly unique visitors, but it’s not known precisely how many customers completed transactions during the period.

When reached, a Newegg spokesperson did not immediately comment.

Klijnsma called the incident “another well-disguised attack” that looked near-identical to the recent British Airways credit card breach. Like that breach, RiskIQ attributed the Newegg credit card theft to the Magecart group, a collective of hackers that carry out targeted attacks against vulnerable websites.

The code used in both skimming attacks was near identical, according to the research.

“The breach of Newegg shows the true extent of Magecart operators’ reach,” said Klijnsma. “These attacks are not confined to certain geolocations or specific industries—any organization that processes payments online is a target.”

Like previous card skimming campaigns, he said that the hackers “integrated with the victim’s payment system and blended with the infrastructure and stayed there as long as possible.”

Anyone who entered their credit card data during the period should immediately contact their banks.

In the second episode of the new Product Hunt Radio, I’m joined by two amazing community-builders based in New York, Anil Dash and Allison Esposito.

Anil is the CEO of Glitch, a friendly community where developers build the app of their dreams. You’ll find everything from AI-powered musical spinners to a multiplayer drawing game created on the platform. He’s also an adviser to Medium, DonorsChoose, Project Include and Stack Overflow.

Allison is formerly of Oyster, the Netflix for books, which was acquired by Google in 2015. Afterward she founded Tech Ladies, a community that connects women with the best jobs in tech.

In this episode we talk about:

• The good ol’ days of IRC, Friendster, AIM and MySpace. A lot has changed since then, yet they continue to exhibit some of the same dynamics and challenges of today’s massive social networks.
• The challenges of building a healthy community on the internet in a time when careers and reputations can be destroyed in an instant.
• How online communities mirror offline interactions. Opening up an app has many parallels to walking into a social gathering in real life.
• Some of the common misconceptions people have about creating communities online and what a founder’s goal should really be in starting a community.

Of course, we also cover some of our favorite products that you might not know about.

We’ll be back next week so be sure to subscribe on Apple Podcasts, Google Podcasts, Spotify, Breaker, Overcast, or wherever you listen to your favorite podcasts.