Category: UNCATEGORIZED

Google today announced an update to YouTube Music on iOS and Android that will make it easier to seamlessly switch between merely listening to the audio and watching a song’s music video. To do so, you only have to tap a button at the top of the screen. This should work for almost every song that has a video since Google has time-matched over 5 million official music videos to their audio tracks.

You have to be a paying YouTube Premium or YouTube Music Premium subscriber to get access to this new feature, though. If you’re using a free account, you’re out of luck.

While this is not exactly a fancy new feature, it definitely improves the user experience in YouTube Music. Google also argues that this move will make music videos more discoverable in the app.

Don’t care about music videos? Don’t worry. YouTube Music also features a “Don’t play music videos” setting.

Google’s music strategy is about as confusing as its messaging strategy, but as things stand right now, YouTube Music will replace the older Google Play Music experience at some point later this year. Or not. It’s always hard to tell with Google, given that Hangouts is still hanging in there, too. Clearly, though, the company’s music investments are now going into YouTube Music.

The U.S. Federal Trade Commission is considering an update to the laws governing children’s privacy online, known as the COPPA Rule (or, the Children’s Online Privacy Protection Act). The Rule first went into effect in 2000 and was amended in 2013 to address changes in how children use mobile devices and social networking sites. Now, the FTC believes it may be due for more revisions. The organization is seeking input and comments on possible updates, some of which are specifically focused on how to address sites that aren’t necessarily aimed at children, but have large numbers of child users.

In other words, sites like YouTube .

The FTC’s announcement comes only weeks after U.S. consumer advocacy groups and Senator Ed Markey (D-Mass.) sent complaint letters to the FTC, urging the regulators to investigate YouTube for potential COPPA violations.

The advocacy groups allege that YouTube is hiding behind its terms of service which claim YouTube is “not intended for children under 13” — a statement that’s clearly no longer true. Today, the platform is filled with videos designed for viewing by kids. Google even offers a YouTube Kids app aimed at preschooler to tween-aged children.

According to the letter written by the Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD), Google has now collected personal information from nearly 25 million children in the U.S., and it used this data to engage in “very sophisticated digital marketing techniques.”

The groups want YouTube to delete the children’s data, set up an age-gate on the site, and separate out any kids content into its own app where YouTube will have to properly follow COPPA guidelines.

These demands are among those pushing the FTC to this action.

The Commission says it wants input as to whether COPPA should be updated to better address websites and online services that are not traditionally aimed at children but are used by kids, as well as whether these “general audience platforms” should have to identity and police the child-directed content that’s uploaded by third parties.

In other words, should the FTC amend COPPA so it can protect the privacy of the kids using YouTube?

“In light of rapid technological changes that impact the online children’s marketplace, we must ensure COPPA remains effective,” said FTC Chairman Joe Simons, in a published statement. “We’re committed to strong COPPA enforcement, as well as industry outreach and a COPPA business hotline to foster a high level of COPPA compliance. But we also need to regularly revisit and, if warranted, update the Rule,” he added.

While YouTube is a key focus, the FTC will also seek comment on whether there should be an exception for parental consent for the use of educational technology in schools. And it wants to better understand the implications for COPPA in terms of interactive media, like interactive TV (think Netflix’s Minecraft: Story Mode, for example), or interactive gaming.

More broadly, the FTC wants to know how COPPA has impacted the availability of sites and services aimed at children, it says.

The decision to initiate a review of COPPA was a unanimous decision from the FTC’s five commissioners, which includes three Republicans and two Democrats.

Led by Simons, the FTC in February took action against Musical.ly (now TikTok), by issuing a record $5.7 million fine for its COPPA violations. Similar to YouTube, the app was used by a number of under-13 kids without parental consent. The company knew this was the case, but continued to collect the kids’ personal information, regardless.

“This record penalty should be a reminder to all online services and websites that target children: We take enforcement of COPPA very seriously, and we will not tolerate companies that flagrantly ignore the law,” Simons had said at the time.

The settlement with TikTok required the company to delete children’s videos and data and restrict underage users from being able to film videos.

It’s unclear why the FTC can’t now require the same of YouTube, given the similarities between the two services, without amending the law.

“They absolutely can and should fine YouTube, not to mention force YouTube to make significant changes, under the current regulations,” says Josh Golin, the Executive Director for CCFC. “As for the YouTube decision – by far the most important COPPA case in the agency’s history – it’s extremely concerning that the Commission appears to be signaling they do not have the authority under the current rules to hold YouTube accountable,” he says.

“COPPA rules could use some updating but the biggest problem with the law is the FTC’s lack of enforcement, which is something the Commission could address right away without a lengthy comment period,” Golin adds.

The FTC says it will hold a public workshop on October 7, 2019 to examine the COPPA Rule.

The U.S. Federal Trade Commission is considering an update to the laws governing children’s privacy online, known as the COPPA Rule (or, the Children’s Online Privacy Protection Act). The Rule first went into effect in 2000 and was amended in 2013 to address changes in how children use mobile devices and social networking sites. Now, the FTC believes it may be due for more revisions. The organization is seeking input and comments on possible updates, some of which are specifically focused on how to address sites that aren’t necessarily aimed at children, but have large numbers of child users.

In other words, sites like YouTube .

The FTC’s announcement comes only weeks after U.S. consumer advocacy groups and Senator Ed Markey (D-Mass.) sent complaint letters to the FTC, urging the regulators to investigate YouTube for potential COPPA violations.

The advocacy groups allege that YouTube is hiding behind its terms of service which claim YouTube is “not intended for children under 13” — a statement that’s clearly no longer true. Today, the platform is filled with videos designed for viewing by kids. Google even offers a YouTube Kids app aimed at preschooler to tween-aged children.

According to the letter written by the Campaign for a Commercial-Free Childhood (CCFC) and the Center for Digital Democracy (CDD), Google has now collected personal information from nearly 25 million children in the U.S., and it used this data to engage in “very sophisticated digital marketing techniques.”

The groups want YouTube to delete the children’s data, set up an age-gate on the site, and separate out any kids content into its own app where YouTube will have to properly follow COPPA guidelines.

These demands are among those pushing the FTC to this action.

The Commission says it wants input as to whether COPPA should be updated to better address websites and online services that are not traditionally aimed at children but are used by kids, as well as whether these “general audience platforms” should have to identity and police the child-directed content that’s uploaded by third parties.

In other words, should the FTC amend COPPA so it can protect the privacy of the kids using YouTube?

“In light of rapid technological changes that impact the online children’s marketplace, we must ensure COPPA remains effective,” said FTC Chairman Joe Simons, in a published statement. “We’re committed to strong COPPA enforcement, as well as industry outreach and a COPPA business hotline to foster a high level of COPPA compliance. But we also need to regularly revisit and, if warranted, update the Rule,” he added.

While YouTube is a key focus, the FTC will also seek comment on whether there should be an exception for parental consent for the use of educational technology in schools. And it wants to better understand the implications for COPPA in terms of interactive media, like interactive TV (think Netflix’s Minecraft: Story Mode, for example), or interactive gaming.

More broadly, the FTC wants to know how COPPA has impacted the availability of sites and services aimed at children, it says.

The decision to initiate a review of COPPA was a unanimous decision from the FTC’s five commissioners, which includes three Republicans and two Democrats.

Led by Simons, the FTC in February took action against Musical.ly (now TikTok), by issuing a record $5.7 million fine for its COPPA violations. Similar to YouTube, the app was used by a number of under-13 kids without parental consent. The company knew this was the case, but continued to collect the kids’ personal information, regardless.

“This record penalty should be a reminder to all online services and websites that target children: We take enforcement of COPPA very seriously, and we will not tolerate companies that flagrantly ignore the law,” Simons had said at the time.

The settlement with TikTok required the company to delete children’s videos and data and restrict underage users from being able to film videos.

It’s unclear why the FTC can’t now require the same of YouTube, given the similarities between the two services, without amending the law.

“They absolutely can and should fine YouTube, not to mention force YouTube to make significant changes, under the current regulations,” says Josh Golin, the Executive Director for CCFC. “As for the YouTube decision – by far the most important COPPA case in the agency’s history – it’s extremely concerning that the Commission appears to be signaling they do not have the authority under the current rules to hold YouTube accountable,” he says.

“COPPA rules could use some updating but the biggest problem with the law is the FTC’s lack of enforcement, which is something the Commission could address right away without a lengthy comment period,” Golin adds.

The FTC says it will hold a public workshop on October 7, 2019 to examine the COPPA Rule.

In just a few weeks Apple’s new iOS 13, the thirteenth major iteration of its popular iPhone software, will be out — along with new iPhones and a new iPad version, the aptly named iPadOS. We’ve taken iOS 13 for a spin over the past few weeks — with a focus on the new security and privacy features — to see what’s new and how it all works.

Here’s what you need to know.

You’ll start to see reminders about apps that track your location

Ever wonder which apps track your location? Wonder no more. iOS 13 will periodically remind you about apps that are tracking your location in the background. Every so often it will tell you how many times an app has tracked where you’ve been in a recent period of time, along with a small map of the location points. From this screen you can “always allow” the app to track your location or have the option to limit the tracking.

You can grant an app your location just once

To give you more control over what data have access to, iOS 13 now lets you give apps access to your location just once. Previously there was “always,” “never” or “while using,” meaning an app could be collecting your real-time location as you’re using it. Now you can grant an app access on a per use basis — particularly helpful for the privacy-minded folks.

And apps wanting access to Bluetooth can be declined access

Apps wanting to access Bluetooth will also ask for your consent. Although apps can use Bluetooth to connect to gadgets, like fitness bands and watches, Bluetooth-enabled tracking devices known as beacons can be used to monitor your whereabouts. These beacons are found everywhere — from stores to shopping malls. They can grab your device’s unique Bluetooth identifier and track your physical location between places, building up a picture of where you go and what you do — often for targeting you with ads. Blocking Bluetooth connections from apps that clearly don’t need it will help protect your privacy.

Find My gets a new name — and offline tracking

Find My, the new app name for locating your friends and lost devices, now comes with offline tracking. If you lost your laptop, you’d rely on its last Wi-Fi connected location. Now it broadcasts its location using Bluetooth, which is securely uploaded to Apple’s servers using nearby cellular-connected iPhones and other Apple devices. The location data is cryptographically scrambled and anonymized to prevent anyone other than the device owner — including Apple — from tracking your lost devices.

Your apps will no longer be able to snoop on your contacts’ notes

Another area that Apple is trying to button down is your contacts. Apps have to ask for your permission before they can access to your contacts. But in doing so they were also able to access the personal notes you wrote on each contact, like their home alarm code or a PIN number for phone banking, for example. Now, apps will no longer be able to see what’s in each “notes” field in a user’s contacts.

Sign In With Apple lets you use a fake relay email address

This is one of the cooler features coming soon — Apple’s new sign-in option allows users to sign in to apps and services with one tap, and without having to turn over any sensitive or private information. Any app that requires a sign-in option must use Sign In With Apple as an option. In doing so users can choose to share their email with the app maker, or choose a private “relay” email, which hides a user’s real email address so the app only sees a unique Apple-generated email instead. Apple says it doesn’t collect users’ data, making it a more privacy-minded solution. It works across all devices, including Android devices and websites.

You can silence unknown callers

Here’s one way you can cut down on disruptive spam calls: iOS 13 will let you send unknown callers straight to voicemail. This catches anyone who’s not in your contacts list will be considered an unknown caller.

You can strip location metadata from your photos

Every time you take a photo your iPhone stores the precise location of where the photo was taken as metadata in the photo file. But that can reveal sensitive or private locations — such as your home or office — if you share those photos on social media or other platforms, many of which don’t strip the data when they’re uploaded. Now you can. With a few taps, you can remove the location data from a photo before sharing it.

And Safari gets better anti-tracking features

Apple continues to advance its new anti-tracking technologies in its native Safari browser, like preventing cross-site tracking and browser fingerprinting. These features make it far more difficult for ads to track users across the web. iOS 13 has its cross-site tracking technology enabled by default so users are protected from the very beginning.

Read more:

• iOS 13 will let you limit app location access to ‘just once’
• Apple may combine ‘Find My iPhone’ & ‘Find My Friends’ apps, launch a Tile-like tracking device
• With iOS 13, Apple locks out apps from accessing users’ private notes in Contacts
• Apple introduces ‘Sign in with Apple’ to help protect your privacy
• Answers to your burning questions about how ‘Sign In with Apple’ works
• How to stop robocalls spamming your phone
• Apple has a plan to make online ads more private

It’s finally here.

Apple’s new iOS 13, the thirteenth major iteration of its popular iPhone software, is out to download. We took iOS 13 for a spin with a focus on the new security and privacy features to see what’s new and how it all works.

Here’s what you need to know.

You’ll start to see reminders about apps that track your location

Ever wonder which apps track your location? Wonder no more. iOS 13 periodically reminds you about apps that are tracking your location in the background. Every so often it will tell you how many times an app has tracked where you’ve been in a recent period of time, along with a small map of the location points. From this screen you can “always allow” the app to track your location or have the option to limit the tracking.

You can grant an app your location just once

To give you more control over what data have access to, iOS 13 now lets you give apps access to your location just once. Previously there was “always,” “never” or “while using,” meaning an app could be collecting your real-time location as you’re using it. Now you can grant an app access on a per use basis — particularly helpful for the privacy-minded folks.

And apps wanting access to Bluetooth can be declined access

Apps wanting to access Bluetooth will also ask for your consent. Although apps can use Bluetooth to connect to gadgets, like fitness bands and watches, Bluetooth-enabled tracking devices known as beacons can be used to monitor your whereabouts. These beacons are found everywhere — from stores to shopping malls. They can grab your device’s unique Bluetooth identifier and track your physical location between places, building up a picture of where you go and what you do — often for targeting you with ads. Blocking Bluetooth connections from apps that clearly don’t need it will help protect your privacy.

Find My gets a new name — and offline tracking

Find My, the new app name for locating your friends and lost devices, now comes with offline tracking. If you lost your laptop, you’d rely on its last Wi-Fi connected location. Now it broadcasts its location using Bluetooth, which is securely uploaded to Apple’s servers using nearby cellular-connected iPhones and other Apple devices. The location data is cryptographically scrambled and anonymized to prevent anyone other than the device owner — including Apple — from tracking your lost devices.

Your apps will no longer be able to snoop on your contacts’ notes

Another area that Apple is trying to button down is your contacts. Apps have to ask for your permission before they can access to your contacts. But in doing so they were also able to access the personal notes you wrote on each contact, like their home alarm code or a PIN number for phone banking, for example. Now, apps will no longer be able to see what’s in each “notes” field in a user’s contacts.

Sign In With Apple lets you use a fake relay email address

This is one of the cooler features coming soon — Apple’s new sign-in option allows users to sign in to apps and services with one tap, and without having to turn over any sensitive or private information. Any app that requires a sign-in option must use Sign In With Apple as an option. In doing so users can choose to share their email with the app maker, or choose a private “relay” email, which hides a user’s real email address so the app only sees a unique Apple-generated email instead. Apple says it doesn’t collect users’ data, making it a more privacy-minded solution. It works across all devices, including Android devices and websites.

You can silence unknown callers

Here’s one way you can cut down on disruptive spam calls: iOS 13 will let you send unknown callers straight to voicemail. This catches anyone who’s not in your contacts list will be considered an unknown caller.

You can strip location metadata from your photos

Every time you take a photo your iPhone stores the precise location of where the photo was taken as metadata in the photo file. But that can reveal sensitive or private locations — such as your home or office — if you share those photos on social media or other platforms, many of which don’t strip the data when they’re uploaded. Now you can. With a few taps, you can remove the location data from a photo before sharing it.

And Safari gets better anti-tracking features

Apple continues to advance its new anti-tracking technologies in its native Safari browser, like preventing cross-site tracking and browser fingerprinting. These features make it far more difficult for ads to track users across the web. iOS 13 has its cross-site tracking technology enabled by default so users are protected from the very beginning.

First published on July 19 and updated with iOS 13’s launch. 

Read more:

• iOS 13 will let you limit app location access to ‘just once’
• Apple may combine ‘Find My iPhone’ & ‘Find My Friends’ apps, launch a Tile-like tracking device
• With iOS 13, Apple locks out apps from accessing users’ private notes in Contacts
• Apple introduces ‘Sign in with Apple’ to help protect your privacy
• Answers to your burning questions about how ‘Sign In with Apple’ works
• How to stop robocalls spamming your phone
• Apple has a plan to make online ads more private

The rise of data breaches, along with an expanding raft of regulations (now numbering 80 different regional regimes, and growing) have thrust data protection — having legal and compliant ways of handling personal user information — to the top of the list of things that an organization needs to consider when building and operating their businesses. Now a startup called InCountry, which is building both the infrastructure for these companies to securely store that personal data in each jurisdiction, as well as a comprehensive policy framework for them to follow, has raised a Series A of $15 million. The funding is coming in just three months after closing its seed round — underscoring both the attention this area is getting and the opportunity ahead.

The funding is being led by three investors: Arbor Ventures of Singapore, Global Founders Capital of Berlin, and Mubadala of Abu Dhabi. Previous investors Caffeinated Capital, Felicis Ventures, Charles River Ventures, and Team Builder Ventures (along with others that are not being named) also participated. It brings the total raised to date to $21 million.

Peter Yared, the CEO and founder, pointed out in an interview the geographic diversity of the three lead backers: he described this as a strategic investment, which has resulted from InCountry already expanding its work in each region. (As one example, he pointed out a new law in the UAE requiring all health data of its citizens to be stored in the country — regardless of where it originated.)

As a result, the startup will be opening offices in each of the regions and launching a new product, InCountry Border, to focus on encryption and data handling that keep data inside specific jurisdictions. This will sit alongside the company’s compliance consultancy as well as its infrastructure business.

“We’re only 28 people and only six months old,” Yared said. “But the proposition we offer — requiring no code changes, but allowing companies to automatically pull out and store the personally identifiable information in a separate place, without anything needed on their own back end, has been a strong pull. We’re flabbergasted with the meetings we’ve been getting.” (The alternative, of companies storing this information themselves, has become massively unpalatable, given all the data breaches we’ve seen, he pointed out.)

In part because of the nature of data protection, in its short six months of life, InCountry has already come out of the gates with a global viewpoint and global remit.

It’s already active in 65 countries — which means it’s already equipped to stores, processes, and regulates profile data in the country of origin in these markets — but that is actually just the tip of the iceberg. The company points out that more than 80 countries around the world have data sovereignty regulations, and that in the US, some 25 states already have data privacy laws. Violating these can have disastrous consequences for a company’s reputation, not to mention its bottom line: In Europe, earlier this month the UK data regulator is now fining companies the equivalent of hundreds of millions of dollars when they violate GDPR rules.

This ironically is translating into a big business opportunity for startups that are building technology to help companies cope with this. Just last week, OneTrust raised a $200 million Series A to continue building out its technology and business funnel — the company is a “gateway” specialist, building the welcome screens that you encounter when you visit sites to accept or reject a set of cookies and other data requests.

Yared says that while InCountry is very young and is still working on its channel strategy — it’s mainly working directly with companies at this point — there is a clear opportunity both to partner with others within the ecosystem as well as integrators and others working on cloud services and security to build bigger customer networks.

That speaks to the complexity of the issue, and the different entry points that exist to solve it.

“The rapidly evolving and complex global regulatory landscape in our technology driven world is a growing challenge for companies,” said Melissa Guzy of Arbor Ventures, in a statement. Guzy is joining the board with this round. “InCountry is the first to provide a comprehensive solution in the cloud that enables companies to operate globally and address data sovereignty. We’re thrilled to partner and support the company’s mission to enable global data compliance for international businesses.”

 

 

The rise of data breaches, along with an expanding raft of regulations (now numbering 80 different regional regimes, and growing) have thrust data protection — having legal and compliant ways of handling personal user information — to the top of the list of things that an organization needs to consider when building and operating their businesses. Now a startup called InCountry, which is building both the infrastructure for these companies to securely store that personal data in each jurisdiction, as well as a comprehensive policy framework for them to follow, has raised a Series A of $15 million. The funding is coming in just three months after closing its seed round — underscoring both the attention this area is getting and the opportunity ahead.

The funding is being led by three investors: Arbor Ventures of Singapore, Global Founders Capital of Berlin, and Mubadala of Abu Dhabi. Previous investors Caffeinated Capital, Felicis Ventures, Charles River Ventures, and Team Builder Ventures (along with others that are not being named) also participated. It brings the total raised to date to $21 million.

Peter Yared, the CEO and founder, pointed out in an interview the geographic diversity of the three lead backers: he described this as a strategic investment, which has resulted from InCountry already expanding its work in each region. (As one example, he pointed out a new law in the UAE requiring all health data of its citizens to be stored in the country — regardless of where it originated.)

As a result, the startup will be opening offices in each of the regions and launching a new product, InCountry Border, to focus on encryption and data handling that keep data inside specific jurisdictions. This will sit alongside the company’s compliance consultancy as well as its infrastructure business.

“We’re only 28 people and only six months old,” Yared said. “But the proposition we offer — requiring no code changes, but allowing companies to automatically pull out and store the personally identifiable information in a separate place, without anything needed on their own back end, has been a strong pull. We’re flabbergasted with the meetings we’ve been getting.” (The alternative, of companies storing this information themselves, has become massively unpalatable, given all the data breaches we’ve seen, he pointed out.)

In part because of the nature of data protection, in its short six months of life, InCountry has already come out of the gates with a global viewpoint and global remit.

It’s already active in 65 countries — which means it’s already equipped to stores, processes, and regulates profile data in the country of origin in these markets — but that is actually just the tip of the iceberg. The company points out that more than 80 countries around the world have data sovereignty regulations, and that in the US, some 25 states already have data privacy laws. Violating these can have disastrous consequences for a company’s reputation, not to mention its bottom line: In Europe, earlier this month the UK data regulator is now fining companies the equivalent of hundreds of millions of dollars when they violate GDPR rules.

This ironically is translating into a big business opportunity for startups that are building technology to help companies cope with this. Just last week, OneTrust raised a $200 million Series A to continue building out its technology and business funnel — the company is a “gateway” specialist, building the welcome screens that you encounter when you visit sites to accept or reject a set of cookies and other data requests.

Yared says that while InCountry is very young and is still working on its channel strategy — it’s mainly working directly with companies at this point — there is a clear opportunity both to partner with others within the ecosystem as well as integrators and others working on cloud services and security to build bigger customer networks.

That speaks to the complexity of the issue, and the different entry points that exist to solve it.

“The rapidly evolving and complex global regulatory landscape in our technology driven world is a growing challenge for companies,” said Melissa Guzy of Arbor Ventures, in a statement. Guzy is joining the board with this round. “InCountry is the first to provide a comprehensive solution in the cloud that enables companies to operate globally and address data sovereignty. We’re thrilled to partner and support the company’s mission to enable global data compliance for international businesses.”

 

 

Google has a number of different celebrations of the 50-year anniversary of the Apollo 11 Moon landing going on right now, but one organized by the Maps team might be the most grandiose in terms of scale and effect. At the Ivanpah Solar Facility in the Mojave Desert, Google set about creating a huge portrait celebrating Apollo program lead software engineer Margaret Hamilton, using reflective solar panels and the light of the Moon.

The portrait is made up of over 107,000 mirrors, which cover an area spanning 1.4-square miles, which is actually bigger in surface area than Central Park in NYC – or, for a different sense of scale, it’s an area that would fit over 200 Eiffel Towers lined up side-by-side. You could spot the image created from as high up as 1,900 meters (about 6,233 feet).

[gallery ids="1857488,1857490,1857489,1857491,1857487"]

The gigantic image includes not only a portrait of Hamilton, but also her name along with the ‘Apollo 11’ mission title, and an image of the lunar lander used to bring astronauts to the surface for the first time. That’s in reference to Hamilton’s key role in ensuring that the Apollo 11 landing went as planned, thanks to her creation of a priority display that provided astronauts with the info they needed despite an overloaded guidance computer near the end of the lander’s trip to the surface.

Hamilton, now 82, recently provided an interview to The Guardian detailing her path to Apollo and her role leading the software team for the Apollo 11 mission.

Bug hunting can be a lucrative gig. Depending on the company, a serious bug reported through the proper channels can earn whoever found it first tens of thousands of dollars.

Google launched a bug bounty program for Chrome in 2010. Today they’re increasing the maximum rewards for that program by 2-3x.

Rewards in Chrome’s bug bounty program vary considerably based on how severe a bug is and how detailed your report is — a “baseline” report with fewer details will generally earn less than a “high-quality” report that does things like explain how a bug might be exploited, why it’s happening, and how it might be fixed. You can read about how Google rates reports right here.

But in both cases, the potential reward size is being increased. The maximum payout for a baseline report is increasing from $5,000 to $15,000, while the maximum payout for a high quality report is being bumped from $15,000 to $30,000.

There’s one type of exploit that Google is particularly interested in: those that compromise a Chromebook or Chromebox device running in guest mode, and that aren’t fixed with a quick reboot. Google first offered a $50,000 reward for this type of bug, increasing it to $100,000 in 2016 after no one had managed to claim it. Today they’re bumping it to $150,000.

They’ve also introduced a new exploit category for Chrome OS rewards: lockscreen bypasses. If you can get around the lockscreen (by pulling information out of a locked user session, for example,) Google will pay out up to $15,000.

Google pays additional rewards for any bugs found using its “Chrome Fuzzer Program” —a program that lets researchers write automated tests and run them on lots and lots of machines in the hopes of finding a bug that only shows up at much larger scales. The bonus for bugs found through the Fuzzer program will be increased from $500 to $1000 (on top of whatever reward you’d normally get for a bug in that category.)

Google says that it’s paid out over $5M in bug bounties through its Chrome Vulnerability Rewards Program since it was introduced in 2010. As of February of this year, the company had paid out over $15M across all of their bug bounty programs.

Newsflash for all female founders of the early-stage startup variety. Your chance to meet with leading women VCs at Disrupt SF 2019 on October 2-4 ends on July 19 at 5 p.m. (PT). Apply for an AMA session before the deadline expires.

We’re serious when it comes to supporting women in tech, which is why we partnered with All Raise — a startup nonprofit dedicated to accelerating female founder success. They’re hosting a day-long AMA (“ask me anything”) event, where you and about 100 other female founders can schedule a session to pick the brain of a leading female VC.

Here’s what you need to know about the All Raise AMA event. It takes place on October 3 in a reserved area within Startup Alley. The sessions are 30 minutes, and there will be at least 30 scheduled throughout the day.

Each AMA session consists of three founders and one All Raise community VC. You’ll be face-to-face with one of the best investors around; someone who’s willing to share and support your dream — talk about a rare opportunity. In fact, here are some of the female VCs you might meet:

• Dayna Grayson, NEA
• Susan Lyne, BBG
• Shauntel Garvey, Reach Capital
• Eurie Kim, Forerunner
• Jess Lee, Sequoia
• Kara Nortman, Upfront
• Sara Guo, Greylock,
• Anarghya Vardhana, Maveron
• Eva Ho, Fika Ventures
• Sarah Smith, Bain Capital Ventures
• Jess Lin, Work-Bench

You qualify to apply for an All Raise AMA if you meet the following criteria: you’re a U.S.-based woman founder and you’ve raised at least $250,000 in a Seed, A or B round. All Raise gives special consideration to founders from underrepresented groups (e.g. Black, Latinx or LGBTQIA women).

All Raise will review the applications and base acceptance on availability for session spots, investor fit with industry sector and company stage, as well as demand for certain categories.

If they select you to participate, all you need to do is buy any pass to Disrupt SF (including Expo Only). All Raise will contact you via email to let you know when your AMA session takes place.

An opportunity like this doesn’t come along every day, and your chance to take advantage of it ends soon. Don’t wait, apply to the All Raise AMA event before the deadline expires on July 19 at 5 p.m. (PT). Get your burning questions answered!

If you are interested in sponsoring this event or exhibiting at Disrupt San Francisco 2019, fill out this form to get in contact with our sales team.