For entrepreneurs interested to meet and chat with Sramana Mitra in person, please join us for our weekly informal group meetups. If you are living in the San Francisco Bay Area or are just in town...
___
During this week’s roundtable, we had as our guest Laurel Touby, Managing Partner, Supernode Ventures, a former entrepreneur and avid angel investor who has now launched her new institutional...
___
Mapbox, the SoftBank-backed developer of mapping applications that competes with Google Maps, TomTom and Here, has acquired the intellectual property and developers behind Mapzen’s Valhalla project in a bid to strengthen its navigation toolkits. Read More
Buying event tickets online isn’t a great experience. Sites like Ticketmaster are the default, but are difficult to use and expensive. A startup called Lea wants to offer a more modern experience by combining event search, discovery, seat selection and payment all in a single application that works right in Facebook Messenger. Read More
Venture capitalists have been trying to make money from the higher education market for years. It’s a rich target for the clutch of investors that pride themselves (in their better moments) on investing in companies that can improve society, and that work to fix broken systems, and a new startup, Frank, is the latest attempt to make a lasting change in the industry. Read More
Each day, kids go to school and lose things. But RagTagd, a Sydney-based company, is looking to fix that. RagTagd is a service that provides ultra-simple RFID tags in kids’ school uniforms and sensor-equipped bins to schools so that lost property can be tracked. When a kid’s lost jumper ends up in a bin at their school, the second it hits the bin a text is sent to the… Read More
Healthcare in America is a mess with no quick solutions and many people aren’t getting the help they need. Created to bridge mental and physical healthcare, New York City-based Quartet Health wants to make life better for patients with a platform that allows providers to collaborate on treatment plans. Currently available in six U.S. markets, Quartet announced today that it has raised… Read More
Sramana Mitra: You kind of need a tribe of people who think the same way. If you want to work on interesting problems, but necessarily unicorn ideas, then you need other people around in the...
___
Mark Zuckerberg is arguably the public face of the internet we never chose, but also the one we deserve based on the time we all spend using Facebook products. At some point, Facebook became so big that Zuckerberg’s personal challenges became news. And this year’s personal challenge is not personal at all — it’s all about work. In 2017, Zuckerberg wanted to meet and… Read More
Today’s 380th FREE online 1Mby1M roundtable for entrepreneurs is starting NOW, on Thursday, January 4, at 8:00 a.m. PST/11:00 a.m. EST/9:30 p.m. India IST. Click here to join. All are welcome!
___
Today’s 380th FREE online 1Mby1M roundtable for entrepreneurs is starting in 30 minutes, on Thursday, January 4, at 8:00 a.m. PST/11:00 a.m. EST/9:30 p.m. India IST. Click here to join. All are...
___
French startup Blade, the company behind Shadow, is about to expand its cloud gaming service to the U.S. Customers who live in California can pre-order starting today, and they’ll be able to access the service on February 15th. The rest of the U.S. will be able to subscribe later this summer. Shadow is currently live in France, Belgium, Switzerland and Luxembourg. For a flat monthly… Read More
Decisions, decisions. Do you link to your Instagram profile on your Twitter feed or your Facebook page? Or maybe you want to showcase your Github, LinkedIn and Pinterest pages but there’s only one URL field which means you have to choose. Read More
MoneyLion, the part lending, part savings and part wealth management app targeted at the financial middle class has raised $42M in Series B funding.This brings total equity funding to $67M since being founded in 2013.The startup provides an all-in-one platform for anything finance related. A user connects their bank accounts and credit cards and then gets personalized advice based on their… Read More
Aurora co-founder CEO Chris Urmson Aurora
Aurora is a highly watched startup by three well-known self-driving car veterans from Google, Tesla, and Uber. It is only about a year old but it's already announcing two giant auto-makers as customers:Â Volkswagen and Hyundai. They will be using Aurora's tech to build fleets of robot taxis.
It's only been a year since news broke about a new secretive, self-driving car startup called Aurora and the startup is already announcing two giant auto-maker as customers: Volkswagen and Hyundai.
Aurora has been a much-watched startup because it was founded by three of Silicon Valley's most famous self-driving engineers: former Google self-driving car project head Chris Urmson; the former head of Tesla Autopilot, Sterling Anderson; and former Uber self-driving star engineer Drew Bagnell. The year-old company was even named by venture investors as one of the 50 startups that will boom in 2018.
But the company has been relatively quiet about its plans until this week. Now, Aurora is coming out of stealth to announce that it is working with Volkswagen and Hyundai to build each of these companies a fleet of robot taxis, which it refers to as Mobility-as-a-Service (MaaS).Â
Hyundai autonomous Ioniq model vehicle Aurora
Volkswagen and Aurora have been working together for six months, and MaaS is "phase 1," Urmson told Business Insider.
Later, the self-driving tech will find its way into VW vehicles, with the auto company planning to "[roll] out that self-driving system across the [VW] brands and various vehicles from trucks to shuttles."
Urmson wouldn't share the timeline for when these cars will be available. However, Volkswagen says it intends to bring a wide variety of autonomous driving functions to its cars by 2021.
Aurora is also working with Hyundai to build self-driving cars by 2021. It is aiming for "Level 4 automation" which is when a car can completely drive itself under a limited set of conditions, like at a slower speed or in a defined area. Â
Like Volkswagen, mobility-as-a-service is Hyundai's first step towards a broader strategy, too.
Aurora's angle is that it's nicer to the car makers than other self-driving specialists. Urmson isn't trying to disrupt car makers and he doesn't want to build his own car, Urmson said.
Even so, it has already had a scuffle with Tesla. Just a few months after it launched, Tesla sued Aurora and Andersen claiming he was poaching employees from Tesla.
Aurora co-founder and chief product officer Sterling Anderson Aurora
The two settled the suit when Aurora agreed to undergo audits proving Aurora isn't using any of Tesla's intellectual property.
Otherwise, Anderson indicates that he and his cofounders are relishing the opportunity to work on self-driving cars, a field that the three are passionate about.
It helps to be a startup comprised of engineers that have known of each other for years, and have been working on robotic technology since their college days.Â
"Weâve been developing these systems for over a decade," Anderson said. "Since long before it was ever trendy."
Urmson adds. "We arenât three guys who dropped out of a graduate program to do a startup. This was about bringing together the right team to do this the right way for the industry."
Pablo Blazquez Dominguez / Getty
A new variant of a long-running piece of Android malware now imitates parts of Uber's app to trick users into giving away their login credentials. Android Fakeapp malware poses as a legitimate app, then sniffs out your data and shows you ads for profit. Security firm Symantec described the Uber mimicry as a "novel monetisation technique." But as long as you stick to Android apps from Google's Play Store, you're pretty safe.
Long-running Android malware "Fakeapp" has a new tack to trick people into giving away confidential login information, by imitating Uber's user interface.
We first saw the news via Engadget.
Fakeapp is a trojan horse for Android which pretends to be a legitimate application and, when downloaded, also downloads additional files that sniff out your data and display you ads for profit.
According to Symantec, a new variant saw Fakeapp spoofing the layout of Uber's app. This would pop up on the user's screen periodically in an effort to get them to enter their confidential login details, such as their phone number and password.
Here's what it looks like:
The malware creators then got "creative" according to Symantec. Once you've entered your details, the malware deep links to a page from the legitimate Uber app â specifically the screen that shows your location and asks you where you want to go. Deep linking on mobile means linking to a specific bit of an app, rather than simply just launching the app.
As Symantec put it: "To show the said screen, the malware uses the deep link URI of the legitimate app that starts the appâs Ride Request activity, with the current location of the victim preloaded as the pickup point.
"Deep links are URLs that take users directly to specific content in an app. Deep linking in Android is a way to identify a specific piece of content or functionality inside an app. It is much like a web URL, but for applications."
The risk of any of this affecting you is pretty low, especially if you stick to downloading apps from Google's Play Store, rather than a third-party app store. Both Symantec and McAfee classify Android FakeApp as low risk too.
An Uber spokesman told Engadget said the firm would probably spot unauthorised logins:Â "Because this phishing technique requires consumers to first download a malicious app from outside the official Play store, we recommend only downloading apps from trusted sources. However, we want to protect our users even if they make an honest mistake and that's why we put a collection of security controls and systems in place to help detect and block unauthorized logins even if you accidentally give away your password."
Apple Park, Apple's new $5 billion (£3.7 billion) Cupertino, California headquarters, wasn't always designed to look like the aptly named, ring-looking "Spaceship" it is.
The Norman Foster Foundation â which branches out from the famous architecture studio that helped Apple design and build Apple Park â recently published a book with pictures depicting different designs for the tech giant's new home (as first reported by 9to5Mac).
The book, filled with shots by photographer José Manuel Ballester, is called "Spaces," and shows prototype ideas that vary from a simple cluster of buildings (not too different from the old One Infinite Loop's layout), to more radical designs like a spider-looking building or a three-blade propeller, which Steve Jobs himself was apparently a fan of.
Apple's collaboration with Foster + Partners doesn't stop there, however; the two also set up "Common Futures," an exhibition that will run until February 4 at Madrid's Espacio Fundación Telefónica.
The studio set up a number of scale models of some of its buildings there, including one for Apple's Park, in a space that also includes sketches of older design ideas and more.
Daniel Craig as James Bond in 2015's "Spectre." Sony/ Columbia
The tech world is in a tizzy over "Meltdown" and "Spectre" â two methods of exploiting a security vulnerability found in Intel, AMD, and ARM processors which, between them, threaten almost all PCs, laptops, tablets, and smartphones, regardless of manufacturer or operating system. The exploits were discovered by Google, which warns that an attacker could use them to steal sensitive or confidential information, including passwords. The first wave of patches has already started to go out for Microsoft's Windows 10, Apple's MacOS, Linux, and Android. These fixes could slow down some computers, particularly older ones. Spectre is particularly nasty â there's no real fix for it, and it exploits a fundamental part of how processors work.Â
Silicon Valley is abuzz about 'Meltdown' and 'Spectre' â new ways for hackers to attack Intel, AMD, and ARM processors that were first discovered by Google last year, and publicly disclosed Wednesday.
Meltdown and Spectre, which take advantage of the same basic security vulnerability in those chips, could hypothetically be used by malicious actors to "read sensitive information in [a] systemâs memory, such as passwords, encryption keys, or sensitive information open in applications," as Google puts it in an official FAQ.Â
The first thing you need to know: Pretty much every PC, laptop, tablet, and smartphone is affected by the security flaw, regardless of which company made the device or what operating system it runs. The vulnerability isn't easy to exploit â it requires a specific set of circumstances, including having malware already running on the device â but it's not just theoretical.Â
And the problem could affect much more than just personal devices. The flaw potentially could be exploited on servers and in data centers and massive cloud computing platforms such as Amazon Web Services, Microsoft Azure, or Google Cloud. In fact, given the right conditions, Meltdown or Spectre could be used by customers of those cloud services to actually steal data from one another.Â
Although fixes are already being rolled out for the vulnerability, they often will come with a price. Some devices, especially older PCs, could be slowed markedly by them.Â
Here's what Meltdown and Spectre are. And, just as importantly, here's what they're not.
There's some good news: Intel and Google say that they've never seen any attacks like Meltdown or Spectre actually being used in the wild. And companies including Intel, Amazon, Google, Apple, and Microsoft are rushing to issue fixes, with the first wave already out.Â
The most immediate consequence of all of this will come from those fixes. Some devices will see a performance dip of as much as 30% after the fixes are installed, according to some reports. Intel, however, disputed that figure, saying the amount by which computers will be slowed will depend on how they're being used.
The Meltdown attack only seems to work on Intel processors. You can guard against it with software updates, according to Google. Those are already starting to become available for Linux and Windows 10.
Intel CEO Brian Krzanich Reuters/ Robert Galbraith
Spectre, by contrast, appears to be much more dangerous. Google says it's been able to successfully execute Spectre attacks on processors from Intel, ARM, and AMD. And, according to the search giant, there's no single, simple fix.
It's harder to pull off a Spectre-based attack, which is why nobody's completely panicking. But the attack takes advantages of an integral part of how processors work, meaning it will take a new generation of hardware to stamp it out for good.
In fact, that's how Spectre got its name.
"As it is not easy to fix, it will haunt us for quite some time," says the official Meltdown/Spectre FAQ.
Despite how they've been discussed so far in the press, Meltdown and Spectre aren't really "bugs." Instead, they represent methods discovered by Google's Project Zero cybersecurity lab to take advantage of the normal ways that Intel, ARM, and AMD processors work.Â
To use a "Star Wars" analogy, Google inspected the Death Star plans and found an exploitable weakness in a small thermal exhaust port. In the same way that two precisely-placed proton torpedoes could blow up the Death Star, so too can Meltdown and Spectre take advantage of a very specific design quirk and get around (or "melt down," hence the name) processors' normal security precautions.Â
Google didn't so much find a bug or a glitch with modern processors, so much as they exploited a quirk in the way they're designed. Kind of like how the Rebel Alliance exploited a thermal exhaust port to take down the Death Star. Disney/Lucasfilm
In this case, the design feature in question is something called speculative execution, which is a processing technique most Intel chips have used since 1995, and one that's common in ARM and AMD processors, too. With speculative execution, processors essentially guess what you're going to do next. If they guess right, then they're already ahead of the curve, and you have a snappier computing experience. If they guess wrong, they dump the data and start over.
What Project Zero found were two key ways to trick even secure, well-designed apps into leaking data from those returned processes. The exploits take advantage of a flaw in how the data is dumped that could allow them â with the right malware installed â to read data that should be secret.
This vulnerability is potentially particularly dangerous in cloud computing systems, where users essentially rent time from massive supercomputing clusters. The servers in those clusters may be shared among multiple users, meaning customers running unpatched and unprepared systems could fall prey to data thieves sharing their processors.
To guard against the security flaw and the exploits, the first and best thing you can do is make sure you're up to date with your security patches. The major operating systems have already started issuing patches that will guard against the Meltdown and Spectre attacks. In fact, fixes have already begun to hit Linux, Android, Apple's MacOS, and Microsoft's Windows 10. So whether you have an Android phone, or you're a developer using Linux in the cloud, it's time to update your operating system.
Meanwhile, Microsoft told Business Insider it's working on rolling out mitigations for its Azure cloud platform. Google Cloud is urging customers to update their operating systems, too.
It's a good idea to stay up-to-date with your Windows updates. Screenshot/Matt Weinberger
It's just as important to make sure you stay up-to-date. While Spectre may not have an easy fix, Google says that there are ways to guard against related exploits. Expect Microsoft, Apple, and Google to issue a series of updates to their operating systems as new Spectre-related attacks are discovered.Â
Additionally, because Meltdown and Spectre require malicious code to already be running on your system, let this be a reminder to practice good online safety behaviors. Don't download any software from a source you don't explicitly trust. And don't click on any links or files claiming you won $10 million in a contest you never entered.Â
The Meltdown and Spectre attacks take advantage of how the "kernels," or cores, of operating systems interact with processors. Theoretically, the two are supposed to be separated to some degree to prevent exactly this kind of attack. However, Google's report proves the current precautions aren't enough.
Operating system developers are said to be adopting a new level of virtual isolation, basically making requests between the processor and the kernel take the long way around.
The problem is that enforcing this kind of separation requires at least a little extra processing power, which would no longer be available to the rest of the system.Â
Isolation is important. Matt Weinberger/Business Insider
As the New York Times notes, researchers are concerned that the fixes could slow down computers by as much as 20% to 30%. Microsoft is reported to believe that PCs with Intel processors older than the two-year-old "Skylake" models could see significant slowdowns.Â
Intel disputes that the performance hits will be as dramatic as The Times suggests.
Some of the slowdowns, should they come to pass, could be mitigated by future software updates. Because the vulnerability was just made public, it's possible that workarounds and new techniques for circumventing the performance hit will come to light as more developers work on solving the problem.Â
Publicly, Intel is confident the Meltdown and Spectre bugs won't have a material impact on its stock price or market share, given that they're relatively hard to execute and have never been used (that we know of). Meanwhile, AMD shares are soaring on word that the easier-to-pull-off Meltdown attack isn't known to work on its processors.Â
However, as Google is so eager to remind us, Spectre looms large. Speculative execution has been a cornerstone of processor design for more than two decades. It will require a huge rethinking from the entire processor industry to guard against this kind of attack in the future. The threat of Spectre means the next generation of processors â from all the major chip designers â are going to be a lot different than they are today.
Google is urging customers of its Google Cloud supercomputing service, hosted from data centers like this, to update their operating systems. Google
Even so, the threat of Spectre is likely to linger with us far into the future. Consumers are replacing their PCs less frequently, which means older PCs that are at risk of the Spectre attack could be in use for years to come.
Meanwhile, there's been a persistent problem with updating Android devices to the latest version of the operating system, so there's likely to be lots of unpatched smartphones and tablets in use for as far as the eye can see. So would-be Spectre attackers are likely going to have their choice of targets.Â
It's not the end of the world. But it might just be the end of an era for Intel, AMD, ARM, and the way processors are built.
Peter Thiel, right, is one of President Trump's closest allies in Silicon Valley. Drew Angerer/Getty Images
PayPal billionaire Peter Thiel is looking to develop a conservative cable-news outlet to rival Fox News, BuzzFeed News reports. Thiel had been working on the project with Fox News founder Roger Ailes before Ailes died in May, but has since moved forward with the project, according to the report. Thiel, who sits on Facebook's board, is a known adversary to outlets such as Gawker Media. Thiel funded a lawsuit which ultimately bankrupted Gawker in 2016.
Tech billionaire Peter Thiel has been in touch with the influential Mercer family about launching a new conservative cable network, BuzzFeed News reports.
Thiel, a Facebook board member who made his fortune at PayPal, is known to be President Donald Trump's biggest ally in Silicon Valley. And the Mercer family â Rebekah Mercer and her hedge-fund managing father Bob â are extremely powerful donors in the Republican Party.
Revelations about the news network came to light Wednesday in excerpts from a new book by journalist Michael Wolff called "Fire and Fury: Inside the Trump White House." Wolff revealed that Thiel had previously looked into creating the network with Fox News founder Roger Ailes, who died in May last year.
But Thiel kept pursuing the idea after Ailes's death, according to BuzzFeed.
Thiel is known to take an adversarial stance toward some media companies. In 2016, it was revealed that Thiel bankrolled lawsuits against the popular blogging outlet Gawker Media, including one filed by former wrestling star Hulk Hogan, which ultimately bankrupted the company.
Hogan, whose real name is Terry Bollea, was awarded $140 million in damages in March 2016 stemming from a Gawker news article published in 2012 that included footage of him having sex.
Ford
2017 auto sales slipped from 2016's record but still came in above 17 million in total. The market could lose 2 million in sales in 2018 and still be relatively solid. Automakers have ridden out many downturns in the past.
On Wednesday, all major automakers selling vehicles in the US reported December and full-year sales.
The record years of 2015 and 2016, with well over 17 million in total sales, weren't met or surpassed. The year came in at just over 17 million (17.2, according to Kelley Blue Book), which while a year-over-year decline for the first time since the financial crisis was nonetheless a bit of a welcome surprise after a sluggish spring and summer when it looked as if 17 million were out of reach.
Anyone at a big car company or running a dealership or making car loans will tell you that a US market above 16 million in annual sales is a very good market. They will also tell you that a market pushing toward 18 million year after year is fine for a while, but worrying long-term because it's historically anomalous.
The so-called "replacement rate" â the churn of old cars being replaced by new â is about 15 million per year, so a market that's two or three million above that can't last. If it did, it would be supported by profit-sapping incentives and extremely loose credit.
What a boom looks like. Business Insider
Naysayers have been predicting a downturn for three years now, but the 2017 slip, coupled with moves such as Ford's hike in December fleet sales, will fuel another round of gloom for 2018. Sure, the market will likely fail to hit 17 million by year's end. But if it only manages 16.5, that would still be strong. (And don't discount the effect that the GOP tax bill could have on summer sales.)
Why? Because of vehicle mix and average transaction prices. Demand isn't infinite, so the industry expects routine cyclical contractions. But as long as consumers are buying large SUVs and pickup trucks and paying top dollar, as they are now, profit margins can survive.
Only a serious recession can clobber both sales and profits, sending everyone into hunker-down mode and making trouble for marginal participants in the market. But even in that case, analysts often forget that the US auto industry has made it through many recessions over the past century and change. Carmakers know what to do when sales are great, and they know what to do when they aren't.
Copyright © 2020 iStart Valley.
