21 Mar 2018

Omega takes us to the Dark Side with their new moonwatch

Omega has just announced a new version of their iconic Moonwatch, the chronograph that was worn most notably by Neil Armstrong on the surface of the moon. Their new model, the Dark Side of the Moon Apollo 8, features the traditional Moonwatch design with a few unique tweaks.

The watch has an exhibition back – you can see the movement through a glass crystal – as well as a skeletonized face. The bridges – the pieces that hold the gears in place – are laser etched with a representation of the lunar surface and blackened for effect. It contains a manual wind mechanical movement and, while there is no pricing yet, should come in at about $9,000.

The back of the case features an interesting quote. From the release:

“WE’LL SEE YOU ON THE OTHER SIDE” – the special words engraved on the caseback – were spoken by Command Module Pilot Jim Lovell on board the Apollo 8 mission at the start of the crew’s pioneering orbit to the dark side of the moon – a mysterious hemisphere never seen before by human eyes. Seconds before the spacecraft disappeared beyond the range of radio contact, Lovell spoke these final assuring words to ground control.

Why is this fancy and particularly expensive watch interesting? First, it’s a nice riff on the original Moonwatch, the first mechanical watch on the moon. Omega has been flogging the Moonwatch brand for decades and now they’re expanding to other space missions, including the Apollo 8. It’s a beautiful homage to the Golden Age of space exploration and it’s a bit more modern-looking than the original, austere black-and-white Speedmaster.

21 Mar 2018

Elon Musk’s Boring Co. flamethrower ships in time for summer BBQs

Elon Musk raised a significant chunk of money for his tunnel boring venture, the aptly named Boring Company, via sales of a heavily marked up ‘flamethrower’ with Boring Co. branding. Those pre-sales are all concluded, but now people who put down cash to reserve one are finding out when they can get their flame on.

In an email to pre-order buyers, The Boring Company noted that the technically “not-a-flamethrower” production run should be wrapping up this spring, which means deliveries can be expected at least in time for “summer party” time. That’s good because people definitely need this fire generating device in time for the dry summer months, when forest fire risks are highest.

Another tidbit from the note to buyers: Customers can expect terms and conditions to be signed off ahead of shipments, which should be heading out in the next couple of weeks according to the company. The Boring Co. notes that these will be “rhyming,” and I presume they mean that literally – but they probably also have the serious purpose of making sure Elon’s corporate lawyers can once again enjoy something resembling sleep when these go out to customers.

Based on the shipping schedule of The Boring Company hat, which (full disclosure) I did buy (I did not buy the ‘not flamethrower’ flamethrower), if you ordered these you can probably still expect to wait a few more weeks if not months.

21 Mar 2018

Netflix launches bug bounty program to pay researchers to track down bugs

Netflix announced in a Medium post today that it is opening a public bug bounty program on the Bugcrowd bug bounty platform.

The roots of the company’s bug hunting concept go back to 2013, when Netflix launched what it called a “responsible vulnerability disclosure program.” The idea continued to develop over the years and they launched a private bug bounty program on Bugcrowd in 2016. They started small with 100 researchers and today at the launch of the public program they have increased that number to 700, according to the blog post.

They report that since inception they have been able to solve 145 issues, paying out a variety of bounties with the highest being $15,000. “We have attempted to fine tune things like triage quality, response time and researcher interactions to build a quality program that researchers like to participate in,” the company wrote in the blog post announcing the program.

Netflix is far from alone in running these kinds of programs. Many big organizations like Facebook, Google and many others use bug bounty programs to pay researchers to find security holes on their platforms before black-hat hackers do. The idea is to provide financial incentive to find the bugs, rather than going in and exploiting the vulnerability for personal gain.

There is generally a leader board, so in addition to financial remuneration, the researcher also gets bragging rights and public acclaim for tracking down bugs. And it’s not just traditional tech companies running these programs. General Motors has one running on the HackerOne platform and MasterCard has one on Bugcrowd.

Bugcrowd and other bug bounty platforms like HackerOne provide a way to administer the program, providing a way to recruit researchers, then letting them know which vulnerabilities they are looking for and how much they are willing to pay. To give you a sense of how lucrative these programs can be to hackers, Google released a report last month indicating it paid out almost $3 million in bounties last year with rewards ranging from $500 to $100,000.

Netflix is hoping to attract people who can similarly help them track bugs and keep their systems secure. A bug bounty program is a proven way to achieve that.

21 Mar 2018

Sketchfab lets you import 3D models into your favorite 3D software

Sketchfab has built a huge library of 3D models. Some of them are available under a Creative Commons license, others can be purchased. The startup now wants to help you do stuff with all this content. You can now download and import 3D models into your favorite 3D app.

Behind the scenes, Sketchfab has built a download API and some integrations with popular 3D tools. After that, you’ll find a Sketchfab search bar in a third-party app. You can type a few keywords, filter by quality, preview and then download a 3D model into your current work.

Sketchfab uses the glTF format. Eventually, the startup will let you store your own 3D models so you can access them from all Sketchfab-enabled apps. You’ll also find your purchased model in there, too.

Sketchfab has developed plugins for Unity, Unreal and Godot. Game developers are going to love this integration, especially if you want to put together a quick prototype before building your own 3D models.

You also can use Sketchfab in Torch3D, Minsight, Spatial stories, Selerio, StellarX, Holobeam, AnimVR, Plattar, Sketchbox3D and Looking Glass.

And the company is also working on integrations for Amazon Sumerian, Blender, Substance, Modo, Cinema 4D, Octane, HighFidelity, Aframe, Houdini, Sansar, Mimesys, The Wave VR, Masterpiece VR, Artomatix, Flipside VR, Blend Media, NormalVR, Vectary, Streem, and Meta glasses.

As you can see, Sketchfab covers a wide range of 3D software, as well as VR and AR platforms. There are more than 2.5 million 3D files on Sketchfab. So it makes sense to provide a download API that works just like Giphy integrations in messaging apps.

21 Mar 2018

MIT’s soft robotic fish is studying real ones in Fiji

MIT CSAIL just revealed footage of SoFi, the lab’s robotic fish, which looks right at home swimming amongst the coral reefs of Fiji. The project is an attempt to create an autonomous underwater vehicle that looks as close to a real fish as possible, in hopes of studying marine life without disturbing them in the process.

The system is built around a soft robotic muscle, designed to operate similarly to a real-life fish tail. “We developed a system that takes silicone elastomer and placed hollow cavities in such a way that can equally distribute pressure on the skin of the body,” the study’s lead author Robert Katzschmann told TechCrunch. “We have two balloon chambers and flow water back and forth. That change in pressure causes the tail to undulate back and forth.”

It’s a principle that works similarly to existing soft robotics, many of which utilize shifting pneumatics to create motion in their joints. Here, it allows for the fish to be in constant motion, emitting less sound as it travels through the water.

The team did, however, use sound in other ways. A diver equipped with a waterproofed Super Nintendo employed a custom acoustic system to help guide SoFi from afar.

“One challenge is that radio signals are absorbed really quickly in water, so something like WiFi or Bluetooth would only work within a few feet,” explained grad student, Joseph DelPreto. “Sound travels really well underwater, so we used that instead. The remote control sends out sounds that are too high-pitched for humans to hear, but the robot can decode them. Using this, we can send high-level commands to the robot.”

For now, the system is a cool video, but the team hopes access provided by SoFi’s on-board camera and fisheye lens could ultimately give marine biologists unprecedented access to their subjects.

“The fish could potentially do extraordinary things for our understanding of whales,” explained CSAIL head Daniela Rus, adding that whale births have been an extremely difficult phenomenon to capture on video. “Imagine using our fish as a non-threatening observer that is able to capture images and scenes that have never been seen before. We can learn so much about marine life.”

21 Mar 2018

Confronting the ‘imposter syndrome’

During a recent interview with Forbes I was asked to reflect on the “Imposter Syndrome” and whether or not I was affected by it. My answer was “All the time, actually!” I came to realize that the insecurities attendant to being a first-generation college grad never really go away, and that their myriad visits continue to bedevil one’s sense of belonging.

I began to vaguely sense this after business school. I held three MIT degrees and yet the homogeneity of my workplace caused doubt to creep into my mind. The official recognition and naming of this syndrome changed me, because it made clear that I’d always have to remain on guard and proactively shore up feared shortcomings.

As investors, we constantly remind entrepreneurs that they’ll hear many nos and will have to power through them to get to the yesses. This is easier said than done for those whose insecurities are not held at bay by centuries of generational success. But, having been on the other side of this exchange while fundraising for the last two years, I’ve gained an appreciation for the process, and this will serve to help me de-personalize any future “nos” that come my way. More importantly, it’s helped me understand that to allow fear to cow me into less of an informed risk-taker is to be party to the dismantling of my own confidence.

Remaining an effective leader in the midst of the imposter syndrome is paramount, as is remaining active and on task, especially in the service of a greater good. For me, trepidation is best diffused by doing something for someone else. Being of service is an evergreen reminder that we have value, irrespective of extrinsics. The validation then cascades into a sense of belonging and worth, and the resultant bolstering of spirit conveniently spills over into energy applicable to the “regular” work ecosystem.

There’s a shared reality that applies to first-generation college grads and/or immigrants and/or underserved communities: beyond the drag of imposterism, risk taking is also inhibited by socioeconomic Swords of Damocles, such as income that can’t be gambled because it’s earmarked for food, health, family or other essentials. Invoking Maslow’s hierarchy of needs, financial brittleness inexorably dislevels one’s ability to propose and contend with unconstrained entrepreneurs. The struggle related to the twin bears of personal and financial fear is real, and it informs my passion to foster diversity through activism and venture capital.

21 Mar 2018

A 15-year-old hacked the secure Ledger crypto wallet

A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a “supply chain attack” – meaning a hack that could compromise the device before it was shipped to the customer – and another attack that could allow a hacker to steal private keys after the device was initialized.

Rashid is not affiliated directly with any Ledger competitors although there was some suggestion that he did some work on Trezor and other competing hardware wallets. His response:

The Ledger team described the vulnerabilities as dangerous but avoidable. For the “supply chain attack,” they wrote: “by having physical access to the device before generation of the seed, an attacker could fool the device by injecting his seed instead of generating a new one. The most likely scenario would be a scam operation from a shady reseller.”

“If you bought your device from a different channel, if this is a second hand device, or if you are unsure, then you could be victim of an elaborate scam. However, as no demonstration of the attack in the real has been shown, it is very unlikely. In both cases, a successful firmware update is the proof that your device has never been compromised,” wrote the team.

Further, the post-purchase hack “can be achieved only by having physical access to the device, knowing your PIN code and installing a rogue unsigned application. This rogue app could break isolation between apps and access sensitive data managed by specific apps such as GPG, U2F or Neo.”

Ledger CEO Eric Larchevêque claimed that there were no reports of the vulnerability affecting any active devices.

“No one was compromised that we know of,” he said. “We have no knowledge that any device was affected.”

Rashid, for his part, was disappointed with the speed at which Ledger responded to his claims. He wrote on Twitter:

The Ledger team disagrees.

“We were in contact with Saleem for the last four months,” Larchevêque said. “It is incorrect to state that we did not reply to him or do anything. There were other vulnerabilities that came along at the same time and it was a complex vuln that was deep in the architecture of our system.”

“All systems have vulnerabilities,” said Larchevêque. “That’s part of the life of any security system. It’s a game of cat and mouse.”

Wallet maker Trezor has also announced an update for their hardware to verify the integrity of their devices.

Ultimately, this breach shows us that hardware wallets are a good solution but still not foolproof. Regular updates and careful key management are still vitally important.

21 Mar 2018

Instagram has unreleased “nametag” scanning, adds # & @ links to profiles

Instagram may copy Snapchat’s QR Snapcode scanning, judging by files buried in the Instagram Android app’s files. Meanwhile, today it’s starting to let users link to hashtags and other accounts from their profile.

“Nametag scan” images indicate Instagram might want to let you aim your phone’s camera at a visual code to open someone’s profile. Instagram declined to comment, but the last time we reported portrait mode files that were hidden inside Instagram, it was spotted testing a “Focus” portrait mode option a week later.

TechCrunch reader Ishan Agarwal discovered the files seen below and provided them to TechCrunch.

The nametag scanning feature could eventually launch under a different name like Focus did. It would be a boon to businesses and social stars looking to visually promote their accounts both online and in physical print materials. It could also assist users with long or complex user names by making it easier for friends to follow them.

Profile Links To Hashtags and Accounts

As for official new features, Instagram is expanding self-expression within the profile beyond your bio and website link. Users will now be able to add links to several hashtags of content on Instagram so they can show off their favorite subcultures and topics. Users will also be able to provide links to other Instagram accounts. That could help people promote their other accounts, pledge allegiance to their favorite creator, or shout out their significant other.

“With hashtag and profile links in your bio, you can express yourself and your interests right in your profile. Whether you’re a #guitarlover, into #pencilsketching or have a #makeuptutorial account, now you can link to any hashtag or profile you want,” Instagram writes. Users can add the links through the Edit Profile bio section. A typeahead will help people find the right things to link to. Accounts you link to will get a notification alerting them.

The features could make sure people keep gaining new followers and finding new people to voyeuristically observe. Avoiding graph stagnation is critical to the app keeping users coming back. If people feel like they’ve seen enough preening photos and silly Stories from everyone they follow, they could drift from Instagram.

Meanwhile, hashtag links could encourage users to dive deeper into Instagram, beyond the feed and today’s Stories. Knowing that your friends love a certain #slime or #Jordans hashtag could convince you to leap down the rabbit hole. They also provide a better way to visually define your interests in ways your own images and bio text can’t. In those senses, the feature is similar to Instagram Story Highlights, which launched late last year to let you permanently show off your favorite expired Stories.

Instagram is increasingly becoming a calling card or Internet home, especially for younger users who shun Facebook which previously held that role. By opening new ways to scan or link to accounts, and display what they’re all about, Instagram could become the source of people’s online identity. 

21 Mar 2018

Cadillac brings Spotify integration to select models

Spotify has been working with Cadillac to integrate the streaming music into the in-dash entertainment system for new and recent models. The app actually started as a quiet roll-out for some car owners earlier this year, accessible through the company’s in-car app store.

The app will be available on all new Cadillac models, along with a selection already on the market, including the XTS, CTS, ATS, CTS-V and ATS-V. Spotify walked me through the app in a new Caddy parked outside the iconic U.S. car maker’s flagship storefront on the west side of Manhattan.

Spotify says it believes the app represents a new kind of in-car model for the streaming service. Aesthetically, it kind of splits the difference between Cadillac’s infotainment system and Spotify’s app design — though the car’s display made the colors look a fair bit more subdued than you’ll find on your phone. Still, the music company’s pretty psyched that it was able to bring over some key stylistic elements, including fonts and such.

Spotify’s playlists are the key to the interface. Obviously the key to a successful in-car system is making things as seamless as possible, so the driver can focus on such important tasks as not crashing the car. Rather than scrolling through endless track listings, the app presents collections in a manner similar to the Browse tab on Spotify, with large images representing custom-picked playlists.

The downside of this is that it minimizes control over playback. So, you can’t hunt for specific artists, songs or albums. That’s a big downside for obsessive music listeners. There is a keyboard that’s accessible, but that will only pop up when you’ve come to a full and complete stop. The most obvious fix — voice functionality — has yet to be rolled out here.

The company says it’s working on a proprietary voice solution. It’s also working directly with Google and Amazon to integrate their voice assistants, but again, none of that at launch. That said, Spotify’s promising “three to four software updates minimum” per year, so hopefully that’s coming sooner than later.

21 Mar 2018

Target tests a new loyalty program with 1% back, Shipt discounts and free next-day delivery

Target has begun to test a new loyalty program, “Target Red,” that combines discounts on delivery with cash back on later purchases. The program will serve as an alternative to the existing REDcard program which requires customers to sign up for a Target credit or debit card. With Target Red, customers instead earn 1 percent back on purchases that they can redeem on their next visit, as well as receive 50 percent off a Shipt membership, and free next-day delivery through Target Restock.

The retailer had acquired same-day delivery service Shipt in December for $550 million, and has continued to operate it as usual, after adding Target to the list of available stores, of course. It’s also now helping to push customers who were shopping rival grocers on Shipt over to Target by pricing its own items the same as they are on the Target website, while others remain marked up.

Meanwhile, Target Restock is the retailer’s own entry in next-day delivery, which allows consumers to fill a box with everyday essentials – like household goods and pantry staples – and take delivery for $4.99 per box. (For comparison, Prime Pantry is now $7.99 per order, unless paying a $4.99 per month membership, which makes orders over $40 ship free.)

However, Target Restock is only available in select metros at this time – following an expansion last fall, it now reaches over 70 million people, Target said.

Target Red loyalty program members will be able to waive that $5 delivery fee on Restock, and can take half off the cost of the typically $99 per year Shipt membership, too.

More importantly, perhaps, is the one percent back, as a way to lure in shoppers who won’t sign up for REDcard.

Target REDcard is already quite popular – as of the company’s latest earnings, it accounts for 24 percent of sales, with 12.7 percent from Target Debit Card, and 11.4 percent from Target Credit cards. But those figures aren’t climbing much these days. That’s where Red comes in.

“When developing Target Red, we went straight to our guests to better understand what would be most meaningful to them in a loyalty program,” said Rick Gomez, executive vice president and chief marketing officer, Target.

And what they wanted was a loyalty program without a payment card attached. They wanted something more along the lines of traditional loyalty – that is, being rewarded for shopping at Target.

Of course, Target tried rewarded loyalty before. In 2016, it launched “Cartwheel Perks,” where purchases turned into points that could be redeemed towards specific items. But the program may not have been as well-received as Target liked because of the complexity. The test ended last year, with Target promising something better was in the works.

A straight cash-back option is arguably much simpler.

Another interesting twist to Target Red – and one that likely appeals to millennial shoppers in particular – is the part where program members can direct Target’s charitable giving in their local community.

The test of Target Red is taking place in the Dallas-Fort Worth area for now, so members will be able to vote for local organizations who should receive Target’s community giving funds, in addition to redeeming rewards online and in stores through the Wallet in Target’s mobile app, which previously only worked with REDcard.

While largely billed as an alternative to REDcard, Target will allow REDcard members to join Target Red if they choose. They can’t stack the 1 percent back with their existing 5 percent discount, but they can use the other perks, the company says.

The addition of Red also comes at a time when Target, like all retailers, is trying to figure out its place in a market where Amazon is dominating e-commerce. With Amazon Prime, customers can take free 2-day delivery, fill pantry boxes, shop for groceries through Prime Now (including Whole Foods) or AmazonFresh, shop cashier-less convenience stores in select urban markets, and enjoy a host of other perks. Amazon also has a variety of payment products, like cashback cards, and even discounts for EBT shoppers.

Walmart has followed suit with free 2-day shipping without a membership, EBT support for online grocery orders, curbside grocery pickup and delivery (the latter of which is now expanding), hefty ship-to-store discounts, free shipping from Sam’s Club and its integration with Instacart, and more.

Target, then, needed to come up with a loyalty program of its own that will not just increase foot traffic (as the 1 percent back on a later purchase does), but also ties into Target’s newer e-commerce efforts, like Shipt and Restock.

Target did not confirm when the Target Red test would expand beyond Dallas-Fort Worth.