Category: UNCATEGORIZED

Homeland Security wants to expand facial recognition checks for travelers arriving and departing the U.S. to also include citizens, which had previously been exempt from the mandatory checks.

In a filing, the department has proposed that all travelers, and not just foreign nationals or visitors, will have to complete a facial recognition check before they are allowed to enter the U.S., but also to leave the country.

Facial recognition for departing flights has increased in recent years as part of Homeland Security’s efforts to catch visitors and travelers who overstay their visas. The department, whose responsibility is to protect the border and control immigration, has a deadline of 2021 to roll out facial recognition scanners to the largest 20 airports in the United States, despite facing a rash of technical challenges.

But although there may not always be a clear way to opt-out of facial recognition at the airport, U.S. citizens and lawful permanent residents — also known as green card holders — have been exempt from these checks, the existing rules say.

Now, the proposed rule change to include citizens has drawn ire from one of the largest civil liberties groups in the country.

“Time and again, the government told the public and members of Congress that U.S. citizens would not be required to submit to this intrusive surveillance technology as a condition of traveling,” said Jay Stanley, a senior policy analyst at the American Civil Liberties Union .

“This new notice suggests that the government is reneging on what was already an insufficient promise,” he said.

“Travelers, including U.S. citizens, should not have to submit to invasive biometric scans simply as a condition of exercising their constitutional right to travel. The government’s insistence on hurtling forward with a large-scale deployment of this powerful surveillance technology raises profound privacy concerns,” he said.

Citing a data breach of close to 100,000 license plate and traveler images in June as well as concerns about a lack of sufficient safeguards to protect the data, Stanley said the government “cannot be trusted” with this technology and that lawmakers should intervene.

When reached, spokespeople for Homeland Security and Customs & Border Protection did not immediately have comment.

Canalys released its latest cloud infrastructure spending numbers for China today, and it’s all trending upward. For starters, the market reached $2.9 billion for the quarter, an increase of 60.8%. China now accounts for 10.4% of worldwide cloud spending, meaning its second only to the US in overall spending.

That is pretty amazing given that China was late in coming to the cloud, but also not surprising given the sheer size of the overall potential market. Once it got going, it was bound to gain momentum simply because of that size. Still, it is surprising that it is three times the size in terms of marketshare of the next closest country, according to Canalys.

Most of the business is going to Chinese cloud companies. Alibaba, which like Amazon has a retail arm and a cloud arm, leads the way by far with 45% of the marketshare worth $1.3 billion. Tencent is second with 18.6%, followed by AWS with 8.6% and Baidu with 8.2%. AWS was the only non-Chinese company to register any marketshare.

Wong Yih Khai, senior analyst at Canalys, says the market demand for cloud infrastructure services in China continues to grow at a rapid pace led by demand for artificial intelligence services.

“With this growing demand, cloud service providers are having to differentiate themselves in a highly competitive environment. One of the key emerging differentiators, especially among local cloud service providers, is the development of artificial intelligence (AI) capabilities, either as a service or embedded in their own offerings. AI for facial recognition is already widely used across the country in many smart city deployments and will be a key part of healthcare, retail, finance, transport and industry cloud solutions,” he said in a statement.

Interestingly enough, the marketshare breaks down somewhat like worldwide marketshare, where Amazon leads with around 34% with Microsoft in second with around 15% and Google in third with around 8%.

Canalys released its latest cloud infrastructure spending numbers for China today, and it’s all trending upward. For starters, the market reached $2.9 billion for the quarter, an increase of 60.8%. China now accounts for 10.4% of worldwide cloud spending, meaning its second only to the US in overall spending.

That is pretty amazing given that China was late in coming to the cloud, but also not surprising given the sheer size of the overall potential market. Once it got going, it was bound to gain momentum simply because of that size. Still, it is surprising that it is three times the size in terms of marketshare of the next closest country, according to Canalys.

Most of the business is going to Chinese cloud companies. Alibaba, which like Amazon has a retail arm and a cloud arm, leads the way by far with 45% of the marketshare worth $1.3 billion. Tencent is second with 18.6%, followed by AWS with 8.6% and Baidu with 8.2%. AWS was the only non-Chinese company to register any marketshare.

Wong Yih Khai, senior analyst at Canalys, says the market demand for cloud infrastructure services in China continues to grow at a rapid pace led by demand for artificial intelligence services.

“With this growing demand, cloud service providers are having to differentiate themselves in a highly competitive environment. One of the key emerging differentiators, especially among local cloud service providers, is the development of artificial intelligence (AI) capabilities, either as a service or embedded in their own offerings. AI for facial recognition is already widely used across the country in many smart city deployments and will be a key part of healthcare, retail, finance, transport and industry cloud solutions,” he said in a statement.

Interestingly enough, the marketshare breaks down somewhat like worldwide marketshare, where Amazon leads with around 34% with Microsoft in second with around 15% and Google in third with around 8%.

A few weeks ago, Ubiquiti unveiled the UniFi Dream Machine, an all-in-one networking device that combines a router, a switch with four Ethernet ports and a Wi-Fi access point for $299. It has what Ubiquiti calls an integrated cloud key that lets you control your network.

I’ve been using the UniFi Dream Machine on my home network for the past couple of weeks, so consider this a review of the device.

Ubiquiti is a well-known networking brand. Most people are familiar with the company’s access points — those rounded antennas that you can find around schools, companies and public spaces.

But the upfront investment has always been a bit steep for personal use cases and even small companies. The UniFi Dream Machine sits perfectly in between professional gears and consumer devices. It represents a huge upgrade is you’re using the router with Wi-Fi capabilities provided by your internet service provider.

Rebundling UniFi devices

Ubiquiti has a range of routers under the AmpliFi brand for consumers who are looking for a plug-and-play solution. The company recently announced a new device with great specifications if you don’t want to mess around with networking settings.

But if you’re reading this, chances are you know that UniFi products offer some customizations that you think are lacking in consumer products.

Switching from an all-in-one networking device to a UniFi system has always been a bit complicated. The company has broken down the networking stack into different devices to offer you more control.

It means that you have to buy a Security Gateway (a router, the “brain” of the network), a switch (just like a power strip, but for Ethernet ports) and an access point (a Wi-Fi antenna). On top of that, a UniFi cloud key is an essential buy if you want to manage your network with the company’s controller software.

If you’re committed to the UniFi ecosystem, you get a great experience. You can manage each Ethernet port on your switch individually, you can control Wi-Fi settings from anywhere in the world and many, many more things. Ars Technica’s Lee Hutchinson fell down the UniFi rabbit hole and wrote a great story about his experience running professional networking gears at home.

The UniFi Dream Machine takes a different approach. It rebundles all the separate pieces that make a UniFi network come to life. You can buy the $300 UniFi Dream Machine and control every little detail of your network.

Specifications

A few words on the specifications of the UniFi Dream Machine. The pill-shaped device has an integrated security gateway, which lets you run a DHCP server, create firewall policies, take advantage of multiple VLANs and more.

In addition to the WAN port to connect your device to the internet, there are four Gigabit Ethernet ports. As for Wi-Fi, the Dream Machine supports 802.11ac Wave 2 (“Wi-Fi 5”) with a 4×4 MU-MIMO antenna — no Wi-Fi 6 unfortunately.

Behind the scene, the device uses a 1.7GHz ARM Cortex-A57 processor. It has 2GB of RAM and 16GB of storage and consumes up to 26W.

Using the Dream Machine

Setting up the UniFi Dream Machine is a great experience. Ideally, you want to plug an Ethernet cable in your ISP-provided router and put it in bridge mode. This way, it’ll act as a dumb modem and let the UniFi Dream Machine do all the hard work.

After downloading the mobile app and turning on the UniFi Dream Machine, you get a popup that mimics the pairing popup of the AirPods. You can then control your network from that mobile app or use a web browser on your computer.

This is when it gets interesting.

UniFi’s controller software usually lists all the UniFi devices currently running on your network. With the UniFi Dream Machine, you get a single device. But if you expand that device, you can see a list of three separate UniFi components — a gateway, a switch and an AP.

As expected, you can control every little detail of your network. Once again, this isn’t for everyone and you will have to learn a lot of things about networking in order to optimize your setup. But if you’re a digital tinkerer, it’s a breath of fresh air.

The UniFi Dream Machine acts as the DHCP server in my home. I have renamed my devices and assigned fixed IPs to all my device in order to find them more easily. You can see in real time the network they’re using and if they’re getting a good Wi-Fi signal.

I have also configured Cloudflare’s 1.1.1.1 public DNS at the network level.

There are a ton of possibilities if you care about security. I created a guest Wi-Fi network that only lets my friends access the internet. They can browse Twitter and stream Netflix shows without any issue, but they can’t access my computers on the local network.

I also created another Wi-Fi network for IoT devices, such as connected speakers, a printer and a robot vacuum. Connected devices don’t get a lot of security patches and have more vulnerabilities than a computer or a smartphone that you keep up-to-date. I assigned a different VLAN to this Wi-Fi network. VLANs let you create a partitioned network with different sets of rules.

I applied firewall rules to this VLAN so that I can control the devices from my personal devices, but they can’t initiate requests to my devices on their own. This is overkill for most people, but it’s fun that you can do that from UniFi’s controller. More details here.

When it comes to Wi-Fi, everything is customizable and performances have been stellar. I live in a small apartment, but the balcony has always been an issue. I often work from the balcony, and I’ve been using a cheap Wi-Fi extender that I found in a box of gadgets and cables.

I unplugged the Wi-Fi extender and tried to connect to the UniFi Dream Machine. I get better performance, even if I reduce Wi-Fi transmit power to medium.

These are just a few examples of things you can do with the UniFi Dream Machine. I feel like I’m still underusing the device (you can connect via SSH and control everything from the terminal), but I wouldn’t consider going back to an entry-level router with Wi-Fi capabilities.

Targeting prosumers

The UniFi Dream Machine is the networking device I didn’t know I wanted. I’ll never have hundreds of Wi-Fi devices connected to my home network. I don’t need a dozen Ethernet ports. And yet, I want to be in control of my network. If you miss Apple’s AirPort Extreme or if you’re a networking nerd, you should consider the UniFi Dream Machine.

Small businesses and shops often make some poor decisions at the beginning of the company. A cheap Wi-Fi router on Amazon doesn’t cut it when your business scales. The Dream Machine can be a good entry point as you’ll be able to build upon that base device.

But if you think you have bigger needs, don’t try to run a big network from a UniFi Dream Machine. Ubiquiti sells some great rackable devices that will give you a lot more flexibility. The UniFi Dream Machine is a constrained machine after all. That’s what makes it both not good enough for enterprise customers and great for prosumers.

The Daily Crunch is TechCrunch’s roundup of our biggest and most important stories. If you’d like to get this delivered to your inbox every day at around 9am Pacific, you can subscribe here.

1. Facebook launches a photo portability tool, starting in Ireland

Facebook says it will make it easier for users to get their photos off the social network and onto another service — a step toward addressing the concerns of lawmakers and antitrust regulators.

The company is starting off with a way for users in Ireland to move pictures into Google Photos via encrypted transfer, but it says the feature will be available worldwide in the first half of 2020 and will eventually include integrations with additional services.

2. In ’60 Minutes’ appearance, YouTube’s CEO offers a master class in moral equivalency

YouTube’s Susan Wojcicki told “60 Minutes” reporter Lesley Stahl that the company has drawn a line at taking down videos that cause “harm,” as opposed to videos that might spread merely hatred and disinformation. In response, Connie Loizos argues that the distinction is, in a word, laughable.

3. Ikea is helping to redesign simulated Mars habitats

Ikea has been working with an Earth-based research facility that is meant to mimic what a Mars habitat would be like. Originally, Ikea sent a designer to the station to seek inspiration for creating functional furniture for small apartments — but it quickly became a two-way street, which could mean the Swedish home furnishing company has a say in how future human colonists live on other planets.

4. Accel closes new $550M fund for India

This is a significant amount of capital for Accel’s efforts in the country, where it began investing 15 years ago and has deployed roughly $1 billion through all its previous funds.

5. Here’s the math behind Tesla’s dumb Cybertruck vs F-150 tow test

During the unveiling of the Cybertruck, Tesla included a butt-to-butt pull-off. Besides being a silly test, this particular demo was flawed in multiple ways, giving the Tesla a major advantage.

6. Will the future of work be ethical? Founder perspectives

Following up on Greg Epstein’s column about whether the future of work will be ethical, we’ve published a number of other perspectives on the topic — including this one, in which he speaks to Andrea Thomaz of Diligent Robotics and Prayag Narula of LeadGenius. (Extra Crunch membership required.)

7. This week’s TechCrunch podcasts

This week’s Equity looks at Cocoon, a Y Combinator-backed startup that wants to help users stay in touch with close friends. (Also: I was relieved that even though Alex Wilhelm is leaving his role at Crunchbase, he’ll be sticking around to co-host the podcast.) And we’ve got a Thanksgiving edition of Original Content that focuses on what we’re thankful for in the streaming world.

For about a year now, continuous integration and delivery service CircleCI has offered Orbs, a way to easily reuse commands and integrations with third-party services. Unsurprisingly, some of the most popular Orbs focus on AWS, as that’s where most of the company’s developers are either testing their code or deploying it. Today, right in time for AWS’s annual re:Invent developer conference in Las Vegas, the company announced that it has now added Orb support for the AWS Serverless Application Model (SAM), which makes setting up automated CI/CD platforms for testing and deploying to AWS Lambda significantly easier.

In total, the company says, more than 11,000 organizations started using Orbs since it launched a year ago. Among the AWS-centric Orbs are those for building and updating images for the Amazon Elastic Container Services and the Elastic Container Service for Kubernetes (EKS), for example, as well as AWS CodeDeploy support, an Orb for installing and configuring the AWS command line interface, an Orb for working with the S3 storage service and more.

“We’re just seeing a momentum of more and more companies being ready to adopt [managed services like Lambda, ECS and EKS], so this became really the ideal time to do most of the work with the product team at AWS that manages their serverless ecosystem and to add in this capability to leverage that serverless application model and really have this out of the box CI/CD flow ready for users who wanted to start adding these into to Lambda,” CircleCI VP of business development Tom Trahan told me. “I think when Lambda was in its earlier days, a lot of people would use it and they would use it and not necessarily follow the same software patterns and delivery flow that they might have with their traditional software. As they put more and more into Lambda and are really putting a lot more what I would call ‘production quality code’ out there to leverage. They realize they do want to have that same software delivery capability and discipline for Lambda as well.”

Trahan stressed that he’s still talking about early adopters and company’s that started out as cloud-native companies, but these days, this group includes a lot of traditional companies as well that are now rapidly going through their own digital transformations.

Twitter today is launching a new resource that aims to serve as the central place for everything related to the company’s efforts around privacy and data protection, the Twitter Privacy Center. The new site will host information about Twitter’s initiatives, announcements, new privacy products, and other communication about security incidents.

The company says it wanted to create a centralized resource so it would be easier to find all the information about Twitter’s work in this area. However, the impacts of Europe’s data protection regulation, GDPR, likely also spurred Twitter’s efforts on this front, along with other data laws.

For its own purposes, Twitter now needs to have a more organized approach to consumer data privacy. As a result, it makes sense to put Twitter’s work and announcements onto a consumer-facing site that’s easy to navigate and use.

The new Twitter Privacy Center splits information between what’s aimed users and what’s for partners. On the latter front, it has dedicated pages for GDPR, CCPA (California Consumer Privacy Act), and Global DPA (Data Processing Addendum), for example.

The users’ section, meanwhile, directs visitors to Twitter’s Terms, Privacy Policy, Account Settings, Service Providers, and more.

In its newly updated policies, Twitter says the entity serving the E.U. or European Economic Area, is Twitter International Company, not Twitter. This change gives Twitter the ability to test features and settings and provide users with a different set of controls outside of its main product.

For example, Twitter says it may test additional opt-in or opt-out preferences, prompts or other requirements for advertisements. Some of this work may make its way back to Twitter eventually.

Twitter’s new Terms also clarify that its intellectual property license says that the content users provide may be curated, transformed, and translated by Twitter.

Plus, Twitter’s Privacy Policy has been modified with clarifications around how Twitter processes data, how tweets are shared with developers, and other changes.

In its announcement, Twitter spins its history a bit by saying how privacy has been its focus since the service’s creation in 2006. That’s a funny stance, given its product has been that of a public social media platform, not a private one — a sort of public SMS, in fact.

Twitter notes how users are able to be anonymous on its platform, a feature it says was built with privacy in mind. In reality, Twitter’s creation was inspired by SMS but Twitter remained an ambiguous product for years, until its user base grew and figured out what they wanted Twitter to be. Much of what Twitter is today — even its conventions like the @ mention and the retweet — grew organically, not by design.

The company’s announcement today also states its privacy and data protection work going forward will be focused on three key areas: 1) to fix Twitter’s technical debt — meaning upgrading older systems to support their current uses; 2) to build privacy into all new products it launches; and 3) accountability.

Products now go through reviews by Twitter’s Information Security, Product and Privacy Counsel teams, and its independent Office of Data Protection, ahead of launch. In addition, Twitter’s Data Protection Officer, Damien Kieran, will provide an independent assessment of all privacy and data protection-related work to Twitter’s board of directors every quarter to ensure Twitter remains on track.

“It’s so common to hear tech companies say: ‘Privacy is not a privilege; it is a fundamental right’ that those words have become a cliche. People have become desensitized to hearing companies say, ‘we value your privacy,’ and are worn out from being asked to accept privacy policies that they rarely, if ever, even read,” read Twitter’s announcement about the launch of the new Twitter Privacy Center, jointly authored by both Kieran and Twitter Product Lead, Kayvon Beykpour.

“Many companies make these declarations without even showing people what actions they are taking to protect their privacy. And let’s be honest, we have room for improvement, too,” it stated.

Mattress and bedding giant Tuft & Needle left hundreds of thousands of FedEx shipping labels containing customer names, addresses, and phone numbers on an unprotected cloud server.

More than 236,400 shipping labels were found on an Amazon Web Services (AWS) storage bucket without a password, allowing anyone who knew the easy-to-guess web address access to the customer data. Often, these AWS storage buckets are misconfigured by the owner by being set to “public” and not “private.”

The exposed labels were created between 2014 and 2017 during the company’s early years. Tuft & Needle was founded in 2012 in Arizona. But some labels were printed as recently as 2018.

It’s not known for how long the storage bucket was left open.

U.K.-based penetration testing company Fidus Information Security found the exposed data. TechCrunch verified the data by matching names and addresses against public records.

We contacted Tuft & Needle about the data exposure on Monday. The storage bucket was quickly shut down.

“We’ve secured any potential exposure and are investigating the matter further,” said spokesperson Brooke Figlo in an email.

Tuft & Needle said it would “comply” with any applicable state data breach notification laws, but did not explicitly say if the company would inform customers of the security lapse.

As part of the flurry of announcements coming this week out of AWS re:Invent, Amazon announced the release of Amazon SageMaker Operators for Kubernetes, a way for data scientists and developers to simplify training, tuning and deploying containerized machine learning models.

Packaging machine learning models in containers can help put them to work inside organizations faster, but getting there often requires a lot of extra management to make it all work. Amazon SageMaker Operators for Kubernetes is supposed to make it easier to run and manage those containers, the underlying infrastructure needed to run the models, and the workflows associated with all of it.

“While Kubernetes gives customers control and portability, running ML workloads on a Kubernetes cluster brings unique challenges. For example, the underlying infrastructure requires additional management such as optimizing for utilization, cost and performance; complying with appropriate security and regulatory requirements; and ensuring high availability and reliability,” AWS’ Aditya Bindal wrote in a blog post introducing the new feature.

When you combine that with the workflows associated with delivering a machine learning model inside an organization at scale, it becomes part of a much bigger delivery pipeline, one that is challenging to manage across departments and a variety of resource requirements.

This is precisely what Amazon SageMaker Operators for Kubernetes has been designed to help DevOps teams do. “Amazon SageMaker Operators for Kubernetes bridges this gap, and customers are now spared all the heavy lifting of integrating their Amazon SageMaker and Kubernetes workflows. Starting today, customers using Kubernetes can make a simple call to Amazon SageMaker, a modular and fully-managed service that makes it easier to build, train, and deploy machine learning (ML) models at scale,” Bindal wrote.

The promise of Kubernetes is that it can orchestrate the delivery of containers at the right moment, but if you haven’t automated delivery of the underlying infrastructure, you can over (or under) provision and not provide the correct amount of resources required to run the job. That’s where this new tool combined with SageMaker can help.

“With workflows in Amazon SageMaker, compute resources are pre-configured and optimized, only provisioned when requested, scaled as needed, and shut down automatically when jobs complete, offering near 100% utilization,” Bindal wrote.

Amazon SageMaker Operators for Kubernetes are available today in select AWS regions.

La Jolla, Calif.-based Fulcrum, a job placement company for technical projects, has raised $1 million in a seed round of funding from the local technology investment firm Greatscale Ventures along with several private co-investors, the company said.

The company has what it calls a fully compliant service for hiring freelancers onto technical projects that had previously only been the purview of full-time staffers — or work that would have been outsourced to pricey consulting firms.

Fulcrum says that its job-placement platform meets the regulatory requirements in 90 countries and is designed to give businesses the ability to design, manage and execute projects on-demand.

The company scrapes all marketplaces that freelancers currently use and on boards them through its own service so that they can work effectively with large corporations.