Author: azeeadmin

Google isn’t one to shy away from bold claims.

“We have had no reported or confirmed account takeovers since implementing security keys at Google,” a spokesperson told TechCrunch.

And it’s probably true. Think of a security key as like a two-factor authentication code that’s sent to your phone — but instead a USB stick in your pocket. Two-factor authentication is stronger than just a username and password, but text message codes can be intercepted and many sites and services don’t yet support the stronger authenticator codes. Security keys are one of the strongest lines of defense against account breaches. That’s because a hacker on the other side of the world trying to break into your account needs not only your password but also your physical key — and that’s not something a hacker can easily or covertly steal.

Although there are a handful of security key brands out there — Yubikey and Feitian to name two — Google thinks it can do better with its own Titan security keys.

Out Thursday, the company’s own branded and in house-developed security keys are now available to buy. One is a USB key, and the other supports Bluetooth and NFC for mobile devices. You need to enroll both keys — one stays in a safe space, and the other stays with you.

These keys don’t look too dissimilar from keys Google previously offered under its Advanced Protection Program, which help high-risk users — like journalists, activists, and government officials — protect their accounts from sophisticated nation-state hackers. In fact, they look almost identical. But the company says these keys pack a punch that make them stronger and more resilient than any other security key on the market.

For one, the search giant says it’s taken the best of what’s already available — like FIDO standards — and built extra protections inside. The company is also touting its own special sauce — the software that’s embedded on each key, which protects against tampering. Each key stores its firmware in a secure element that can’t be modified, preventing anyone from extracting the private data in the key that’s authenticates you with Google when you login. By sealing in the encryption data before the hardware chips are delivered to the factory where the keys are built, Google says it reduces the risk of manufacturing attacks down the line.

You can use each key with almost any modern browser and mobile device, and a range of websites beyond Google support the key for login, like Dropbox, Facebook, Salesforce, Stripe and Twitter.

But beyond that, it’s pretty much just another security key.

But while they provide near-impermeable security, these keys — like every other on the market — are fiddly and inconvenient. And that’s coming from someone who lives and breathes security — and uses a security key.

Google isn’t close to fixing that problem. Admittedly, any kind of two-factor authentication is a pain, but it’s a price you pay for the gold standard in keeping your account safe. Every time you log in to your account from a new device, you’ll be prompted to enter your email address and password. A swift push of a button on your key — either through Bluetooth or a plugged-in USB key — will tell Google that you’re the real account owner.

A downside of physical keys is that if lose them, you’re toast. That’s why you have two keys — one is meant to be a backup. Google says it can help you gain access to your account again but the recovery process can take days.

Do you need a key? It depends on how paranoid you are.

The reality is that these keys aren’t for the masses — just yet. Although physical keys are designed for high-value targets, they’re a blessing in disguise for even the most basic attacks and novice users. Phishing attacks are common, where someone will send you an email to try to trick you into entering your email address and password. If they have your password, they have your data. But security keys protect only work on the legitimate domain you’re logging into, making phishing attempts practically useless.

And although Google says the devices are secure, Yubikey — a major developer of security keys — criticized Google’s move to support Bluetooth, which adds another attack layer for anyone nearby, citing recent Bluetooth flaws. An attacker could theoretically grab a user’s encryption key over-the-air if they’re within a short range of the Bluetooth device. The company’s critiques notwithstanding, the scope of attacks are so slim that they’re almost negligible — but everyone’s risk factors are different.

We’re still in early days with security keys. Although Google wants these keys to be cheap, accessible and available for the masses, there are too many barriers in the way — even still — for the average user.

But for those who know they need that extra layer of protection, these keys could be enough to save you from catastrophe.

Google isn’t one to shy away from bold claims.

“We have had no reported or confirmed account takeovers since implementing security keys at Google,” a spokesperson told TechCrunch.

And it’s probably true. Think of a security key as like a two-factor authentication code that’s sent to your phone — but instead a USB stick in your pocket. Two-factor authentication is stronger than just a username and password, but text message codes can be intercepted and many sites and services don’t yet support the stronger authenticator codes. Security keys are one of the strongest lines of defense against account breaches. That’s because a hacker on the other side of the world trying to break into your account needs not only your password but also your physical key — and that’s not something a hacker can easily or covertly steal.

Although there are a handful of security key brands out there — Yubikey and Feitian to name two — Google thinks it can do better with its own Titan security keys.

Out Thursday, the company’s own branded and in house-developed security keys are now available to buy. One is a USB key, and the other supports Bluetooth and NFC for mobile devices. You need to enroll both keys — one stays in a safe space, and the other stays with you.

These keys don’t look too dissimilar from keys Google previously offered under its Advanced Protection Program, which help high-risk users — like journalists, activists, and government officials — protect their accounts from sophisticated nation-state hackers. In fact, they look almost identical. But the company says these keys pack a punch that make them stronger and more resilient than any other security key on the market.

For one, the search giant says it’s taken the best of what’s already available — like FIDO standards — and built extra protections inside. The company is also touting its own special sauce — the software that’s embedded on each key, which protects against tampering. Each key stores its firmware in a secure element that can’t be modified, preventing anyone from extracting the private data in the key that’s authenticates you with Google when you login. By sealing in the encryption data before the hardware chips are delivered to the factory where the keys are built, Google says it reduces the risk of manufacturing attacks down the line.

You can use each key with almost any modern browser and mobile device, and a range of websites beyond Google support the key for login, like Dropbox, Facebook, Salesforce, Stripe and Twitter.

But beyond that, it’s pretty much just another security key.

But while they provide near-impermeable security, these keys — like every other on the market — are fiddly and inconvenient. And that’s coming from someone who lives and breathes security — and uses a security key.

Google isn’t close to fixing that problem. Admittedly, any kind of two-factor authentication is a pain, but it’s a price you pay for the gold standard in keeping your account safe. Every time you log in to your account from a new device, you’ll be prompted to enter your email address and password. A swift push of a button on your key — either through Bluetooth or a plugged-in USB key — will tell Google that you’re the real account owner.

A downside of physical keys is that if lose them, you’re toast. That’s why you have two keys — one is meant to be a backup. Google says it can help you gain access to your account again but the recovery process can take days.

Do you need a key? It depends on how paranoid you are.

The reality is that these keys aren’t for the masses — just yet. Although physical keys are designed for high-value targets, they’re a blessing in disguise for even the most basic attacks and novice users. Phishing attacks are common, where someone will send you an email to try to trick you into entering your email address and password. If they have your password, they have your data. But security keys protect only work on the legitimate domain you’re logging into, making phishing attempts practically useless.

And although Google says the devices are secure, Yubikey — a major developer of security keys — criticized Google’s move to support Bluetooth, which adds another attack layer for anyone nearby, citing recent Bluetooth flaws. An attacker could theoretically grab a user’s encryption key over-the-air if they’re within a short range of the Bluetooth device. The company’s critiques notwithstanding, the scope of attacks are so slim that they’re almost negligible — but everyone’s risk factors are different.

We’re still in early days with security keys. Although Google wants these keys to be cheap, accessible and available for the masses, there are too many barriers in the way — even still — for the average user.

But for those who know they need that extra layer of protection, these keys could be enough to save you from catastrophe.

Google is pushing back against a claim by Donald Trump that the search engine stopped promoting State of the Union livestreams on its homepage after his presidency began. Trump’s claim came in the from of a tweeted video, which was still pinned to the top of his profile when this post was published at 9:30 PM PST, Aug. 29, 2018, after Google’s refutation and multiple media reports of its inaccuracy.

Hashtagged #stopthebias, the video appears to show that Google did not display links to livestreams of Trump’s first public speech to a joint session of Congress on February 28, 2017 or his first State of the Union on January 30, 2018, despite promoting Obama’s State of the Union addresses in 2012, 2013, 2014, 2015 and 2016.

#StopTheBias pic.twitter.com/xqz599iQZw

— Donald J. Trump (@realDonaldTrump) August 29, 2018

Google, however, says it did indeed highlight Trump’s first State of the Union in 2018, but that it usually does not include links on its homepage to a president’s first public address to Congress, so neither Obama nor Trump’s were featured. In a statement sent to BuzzFeed News, the company said “On January 30, 2018, we highlighted the livestream of President Trump’s State of the Union on the google.com homepage. We have historically not promoted the first address to Congress by a new President, which is technically not a State of the Union address. As a result, we didn’t include a promotion on google.com for this address in either 2009 or 2017.”

Google statement to @JohnPaczkowski on Trump’s tweet pic.twitter.com/1w82mQqApg

— Jon Passantino (@passantino) August 29, 2018

The video shared by Trump does not make a distinction between a president’s first public speech to a joint session of Congress and his first State of the Union address.

A discrepancy in Google’s logo also suggests that at least one of the screenshots, which appear to have been taken from the Internet Archive’s Wayback Machine, was doctored. A Gizmodo commenter notes that one of the screenshots in the video Trump tweeted, from January 12, 2016, shows a version with the previous Google logo, not the sans-serif version introduced in September 2015, which can be seen in a Wayback Archive’s screen capture from January 10, 2016 and other days from that month when a Google Doodle wasn’t featured.

Furthermore, while a link to Trump’s State of the Union does not appear on archived versions of Google’s homepage from January 30, 2018, it does show up on a capture from 1AM on January 31, as Twitter user @WrockBro notes. That may be because the Wayback Machine uses Greenwich Mean Time time stamps.

Not only that, but also this: https://t.co/RfJIKpYGJX

— enJPL (@WrockBro) August 30, 2018

Trump’s tweet is the part of his current onslaught against Google, other tech companies and mainstream media, which he accuses of having a liberal bias and burying news about his administration. It is worth pointing out, however, that Trump’s 2017 first speech to Congress was widely praised as “presidential” by journalists across the political spectrum, even liberal publications. In turn, they were ridiculed by critics for being awed by a president acting presidential.

Apple has acquired Akonia Holographics, a Denver-based startup that manufactures augmented reality waveguide lenses. The acquisition was confirmed by Apple to Reuters who first reported the news.

An Apple spokesperson gave TechCrunch the company’s standard statement, “Apple buys smaller technology companies from time to time, and we generally don’t discuss our purpose or plans.”

This acquisition offers the clearest confirmation yet from Apple that it is investing resources into technologies that support the development of a lightweight augmented reality headset. There have been a number of reports over the years that Apple is planning to release consumer AR glasses within the next few years.

In late 2017, we reported that Apple had acquired Vrvana, a mixed-reality headset company with a device that offered users pass-through augmented reality experiences on a conventional opaque display. This latest acquisition seems to offer a much clearer guide to where Apple’s consumer ambitions may take it for a head-worn augmented reality device.

Waveguide displays have become the de facto optic technology for augmented reality headsets. They come in a few different flavors but all of them essentially involve an image being beamed into the side of a piece of glass and bouncing between etchings (or other irregularities) in a lens and eventually beaming that image to the user’s eyes. Waveguide lenses are currently used in AR headsets sold by Magic Leap and Microsoft, among many others.

They’re popular because they allow for thin, largely transparent designs though they also often have issues with color reproduction and the displays can only become so large before the images grow distorted. Akonia’s marketing materials claim for their “HoloMirror” solution says it can “display vibrant, full-color, wide field-of-view images.”

The startup raised $11.6 million in funding according to Crunchbase.

While many of Apple’s largest technology competitors have already experimented with AR headsets, Apple has directed the majority of its early consumer-facing efforts to phone-based AR technologies that track the geometry of spaces and can “project” digital objects onto surfaces.

The most unclear question regarding Apple’s rumored work on its AR glasses is whether the company is looking to ship a higher-powered device akin to Magic Leap that would track a user’s environment and be built upon Apple’s interactive ARKit tech, or whether it’s first release will be more conservative and approach AR glasses as more of a head-worn Apple Watch that presents a user’s notifications and enables light interactions.

Moving forward with waveguide displays would certainly leave both options open for the company, though given the small window that even today’s widest field-of-view waveguides have, I expect that Apple may opt for the latter pending a big tech breakthrough or a heavily delayed release.

Bessemer Venture Partners is gearing up for its next billion-dollar fund. The early-stage venture capital firm, which had filed to raise new capital in early August, has reportedly set a $1.6 billion target for its tenth flagship fund, an amount that a source familiar with the fundraise tells us is “directionally correct.”

Bessemer declined to comment.

If Bessemer indeed raises that amount, it will be the same size as its ninth fund, which closed on $1.6 billion in 2015. If that’s the case, Bessemer may be bucking VCs’ new favorite trend of raising their largest funds to date. Maybe, just maybe, Bessemer hasn’t fallen victim to the SoftBank effect. The Japanese telecom giant has a nearly $100 billion “Vision Fund” and invests in tech companies, competing directly with Silicon Valley heavyweights. 

General Catalyst, for example, closed its biggest fund ever earlier this year on $1.375 billion. And Insight Venture Partners finished off a $6.3 billion fundraise in July — also the most monumental in the firm’s history.

It’s been a busy year so far for Bessemer. On top of working to secure capital for BVP X, the firm announced a $10 million early-stage seed fund, called Deep Health Seed Program, in June. The fund is being led by Bessemer healthcare investor Steve Kraus and its head of investments in Israel, Adam Fisher. Deep Health is investing $100,000 to $2 million into early-stage companies using machine learning to solve problems in healthcare.

The firm has seen a couple of notable exits so far this year. For starters, Bessemer portfolio company DocuSign went public in April, raising more than $600 million in the process. And Workday paid $1.55 billion for financial planning software startup Adaptive Insights, another Bessemer portfolio company, in June.

Bessemer’s current portfolio includes Pinterest, Betterment, Rocket Lab, Toast, PagerDuty, ServiceTitan, Fiverr and others.

“The Other Side of the Wind” has had a long, torturous path to completion.

In a way, it’s one of the final chapters in the longer saga of Orson Welles — who, after making “Citizen Kane” (often cited as the greatest film of all time) and “The Magnificent Ambersons,” spent most of the ensuing decades in Europe, piecing together the funding for projects like “Chimes at Midnight.”

He shot “The Other Side of the Wind” throughout the 1970s and even managed to edit part of the film before running out of funding. Since his death in 1985, Peter Bogdanovich and other Welles supporters have tried to complete the film, but they’ve been stymied by additional legal and financial issues.

Until recently, that is, when Netflix stepped in to fund the work. The streaming giant’s involvement did cause some additional issues, namely its absence from the Cannes Film Festival (the festival passed a rule last year that effectively blocks Netflix films from participating), but the movie is set to screen this fall at the Venice and New York film festivals, then launch on Netflix on November 2.

As further proof that this really is happening, Netflix has released the first trailer. While the trailer is a bit cryptic, it gives us a good look at Jack Hannaford, the reactionary director at the center of the film — he’s played by John Huston, the legendary director and occasional actor who also portrayed the villain in “Chinatown.”

Tesla’s fleet internet network and website appear to currently be down for some users and it’s causing problems for vehicle owners who rely on the Tesla app.

Electrek reported on the outage earlier and users across Twitter have been complaining about being unable to log into the company’s desktop site or mobile app. Reports have been popping up for the past couple hours and the company’s website is oddly also down currently. We’ve reached out to Tesla for more details of what exactly is happening.

What does that mean for Tesla owners right now? Well, it definitely means that they can’t get any new updates for the time being or see details about their vehicle in the app. Life is a lot rougher for users who may be solely relying on the Tesla app to unlock or start their car and don’t have app access to do either currently.

Updating

Tesla’s chief people officer Gaby Toledano, and one of the few female executives at the automaker, is on leave of absence 15 months after taking the senior management position.

The company confirmed she was on leave and did not provide a timeline of when she might return or if this move was more permanent.

“Gaby previously asked to go on leave to spend time with her family, and we support that. The HR team has been sharing her responsibilities,” the company said in a statement.

Toledano joined Tesla in May 2017 after 10 years on the executive team at video game publisher Electronic Arts. She has also led HR leadership positions at Siebel Systems, Microsoft, and Oracle. She replaced Arnnon Geshuri, who left the company after eight years amid complaints about work conditions at its Fremont factory.

Unlike the company’s public CEO Elon Musk, Toledano was one of the many in Tesla’s senior management team who rarely made public appearances, if any. The company has long eschewed attention on its executives, with the occasional exception of chief designer Franz von Holzhausen and CTO JB Straubel.

Toledano and several other executives made a rare public appearance in June when Musk pulled them on stage at Tesla’s annual shareholder meeting.

Toledano’s leave follows the departure of Sarah O’Brien, who headed up Tesla’s communications team. Laurie Shelby, who heads the company’s environmental, health and safety efforts, and Cindy Nicola, head of global recruiting, are the last remaining female executives at the company.

Doug Field, senior vice president of engineering, took what the company described as a leave of absence from the company in May. At the time, the company said “Doug is just taking some time off to recharge and spend time with his family. He has not left Tesla.”

Field left the company for good in July.

SurveyMonkey, which helps businesses gather feedback through its survey platform, has submitted paperwork to the SEC for its upcoming NASDAQ public offering. The company plans to raise $100 million in the IPO, per the filing, though that’s likely a placeholder amount.

The company, which will list under the symbol SVMK, has yet to price its shares. Most recently, SurveyMonkey brought in $250 million from Tiger Global, ICONIQ Capital and Social+Capital Partnership. The financing valued the company at $2 billion.

SurveyMonkey didn’t immediately respond to a request for comment.

At the ripe age of 19, San Mateo, Calif.-based SurveyMonkey has been prepping an IPO for years now, finally filing confidentially with the SEC via the JOBS Act, which lets companies test the waters before they formally release an S-1, in mid-June.

Despite its age, the company still isn’t profitable. SurveyMonkey reported a net loss of $27.18 million on $121 million in revenue in the first half of 2018. During the same period last year, it had a $19 million net loss on $106.5 million in revenue. In all of 2017, SurveyMonkey posted a $24 million net loss on $219 million in revenue.

The filing lists J.P. Morgan as the lead underwriter for the IPO.

The online polling company has raised some $600 million across several rounds of equity funding from investors, including Tiger Global, which owns a 29.3 percent pre-IPO stake. Its board includes Serena Williams and Sheryl Sandberg.

Sandberg’s late husband Dave Goldberg was the founder and former CEO of the company; he passed away in 2015. She owns 10,318,577 shares, but plans to “donate all shares beneficially owned by her (or the proceeds from the sale thereof) to the Sheryl Sandberg and Dave Goldberg Family Foundation as part of fulfilling their philanthropic commitment to the Giving Pledge,” the filing states.

SurveyMonkey joins a herd of unicorns that have announced plans to transition into the public sphere this year. Eventbrite, for example, submitted its IPO paperwork last week, with plans to raise $200 million from selling Class A shares.

Smartsheet, Zuora, Dropbox and DocuSign have all completed their public debuts this year.

Thousands of developers, designers, hackers and marketers from around the world worked for months to submit their creations to our first Virtual Hackathon, which takes place at Disrupt San Francisco on September 5-7. It wasn’t easy, but we narrowed the field down to 30 semi-finalists, and we can’t wait to reveal the winner at the show.

But right now, we want to send a huge shout-out of thanks and appreciation to nine outstanding companies for adding even more excitement to the Virtual Hackathon by sponsoring an exciting range of challenging contests. We’re looking at you, Byton, Viond, Visa, Amazon Alexa, Novartis, TomTom, Here Mobility, Sony Pictures and United Airlines. Tip o’ the hat!

These hack contests ranged from ways to use artificial intelligence in the age of autonomous cars to building an app that gives customers a unique way to book, pay for and view airline reservations — and so much in between. You can find the full list of challenges and prizes here.

We’re thrilled to announce the sponsored contest winners — a determined and creative lot to say the least. Drum roll, please!

Byton

• First place: CAR-O-KE
• Second place: Talk Talk

Viond  

• First place: A Trip to Space
• Second place: Make A Change
• Third place: World of Adventure
• Honorable mention: Jump360

Visa

• First place: Blindsight
• Second place: AI Vision
• Third place: Agri360

Amazon Alexa

• First place: AI Vision
• Second place: LadyBeats
• Third place: Smart Plant IoT
• Honorable mention: Gaze VUI and Winnie

Novartis   

• Veta Health
• Medable
• Wavy
• Pulse
• Cardios

TomTom

• ARound

Here Mobility     

• Blindsight

Sony Pictures   

• Sound Shop

United Airlines

• Pickle

Thank you all for participating and hope to see you at Disrupt SF next week!