Skiff, an end-to-end encrypted alternative to Google Docs, raises $3.7M seed

Imagine if Google Docs was end-to-end encrypted so that not even Google could access your documents. That’s Skiff, in a nutshell.

Skiff is a document editor with a similar look and feel to Google Docs, allowing you to write, edit and collaborate in real-time with colleagues with privacy baked in. Because the document editor is built on a foundation of end-to-end encryption, Skiff doesn’t have access to anyone’s documents — only users, and those who are invited to collaborate, do.

It’s an idea that has already attracted the attention of investors. Skiff’s co-founders Andrew Milich (CEO) and Jason Ginsberg (CTO) announced today that the startup has raised $3.7 million in seed funding from venture firm Sequoia Capital, just over a year since Skiff was founded in March 2020. Alphabet chairman John Hennessy, former Yahoo chief executive Jerry Yang, and Eventbrite co-founders Julia and Kevin Hartz also participated in the round.

Milich and Ginsberg told TechCrunch that the company will use the seed funding to grow the team and build out the platform.

Skiff isn’t that much different from WhatsApp or Signal, which are also end-to-end encrypted, underneath its document editor. “Instead of using it to send messages to a bunch of people, we’re using it to send little pieces of documents and then piecing those together into a collaborative workspace,” said Milich.

But the co-founders acknowledged that putting your sensitive documents in the cloud requires users to put a lot of trust into the startup, particularly one that hasn’t been around for long. That’s why Skiff published a whitepaper with technical details of how its technology works, and has begun to open source parts of its code, allowing anyone to see how the platform works. Milich said Skiff has also gone through at least one comprehensive security audit, and the company counts advisors from the Signal Foundation to Trail of Bits.

It seems to be working. In the months since Skiff soft-launched through an invite-only program, thousands of users — including journalists, research scientists and human rights lawyers — use Skiff every day, with another 8,000 users on a waitlist.

“The group of users that we’re most excited about are just regular people that care about privacy,” said Ginsberg. “There are just so many privacy communities and people that are advocates for these types of products that really care about how they’re built and have sort of lost trust in big companies.”

“They’re using us because they’re really excited about the vision and the future of end-to-end encryption,” he said.

#advisors, #alphabet, #ceo, #cryptography, #cto, #encryption, #end-to-end-encryption, #eventbrite, #google, #google-allo, #google-docs, #jerry-yang, #john-hennessy, #kevin-hartz, #operating-systems, #security, #sequoia-capital, #signal-foundation, #skiff, #software, #startups, #technology, #yahoo

0

Blockchain startup Propy plans first-ever auction of a real apartment as a collectible NFT

We previously wrote about Propy using blockchain technology to smooth real-world real estate sales by introducing the concept of smart contracts. Propy was the first blockchain startup to make that work. Now the company is pushing the boundaries again, by auctioning a real apartment as an NFT. Although one might want to brush this aside as a stunt, the event is designed to make the point that it could well be done legally. And, by golly, they are going to try.

The auction will be of the NFT attached to a modern, brand new, one-bedroom apartment in Kiev, Ukraine, that Propy previously made history with by making it the first-ever level blockchain-based real estate sale.

The NFT created by Propy will, it says, transfers real ownership of the property. Just in case you haven;t been paying attention, NFTs, or Non-Fungible Tokens, are cryptographic ‘tokens’ that represent a unique asset — such as a piece of art, music, or other collectibles — and certify ownership digitally. NFTs have set the crypto-world alight with their potential to be applied to just about anything, including a work of art by Banksy which was then burnt.

Once someone has won the NFT of the apartment at auction, the NFT will include access to the ownership transfer paperwork; a digital artwork NFT by a popular Kiev graffiti artist, Chizz (a physical painting of the digital artwork is painted on a wall of the apartment)’ and the apartment pictures. But obviously, the apartment is the main asset here. 


The auction itself will happen over a 24hr period with the initial listing starting at $20,000. Details for the NFT sale are available here and will be updated with any new information as the auction proceeds.

The apartment in question is currently owned by Michael Arrington, founder of this very news site, and now a Crypto investor with Arrington XRP Capital.

Investors in Propy – which says it has so far processed $1bn worth of transactions via its platform – include Arrington himself and Tim Draper, former founder of DFJ.

Natalia Karayaneva, CEO of Propy said: “This NFT will go down in history. For Propy it is a major milestone in leveraging the promise of blockchain technology and non-fungible tokens (NFT) to achieve ‘self-driving’ real estate transactions and real estate participation in the decentralized finance economy.”

Here’s how this is all going to work: Arrington has signed legal papers designed by Propy’s lawyers for the NFT to transfer ownership to a future buyer. Propy then conducts the NFT auction and receives payment in cryptocurrency. The winner in the auction becomes the owner within a minute, after filling out KYC details.

The Kiev property is owned by a USA-based entity, and when the auction completes, the new owner of the NFT becomes the owner of the entity and thus the property itself. This process is repeated every time the NFT attached to the property is resold. 

In an interview with me, Karayaneva said: “We were brainstorming and this appeared to be a natural development of our white paper of 2017. And in fact, many things we transact, real estate, via property, we are actually already kind of doing NF T’s, but with our unique smart contracts. But now the NFT concept provides a different approach, where a property can be transferred between two wallets, peer to peer.”

“Thus we do not need to change the name of the owner in the land registry. And this applies to many countries, as well as the United States. This model will work for the United States, and overall, there is this notion of buying real estate via LLC in the United States to preserve the privacy of the owner.”

Over the same call, Arrington added: “Coming at this from a crypto angle, we’ve seen what happens how DeFi gets plugged into credit markets. If I have an NFT or any DeFI asset I can then borrow against it, without a middleman. Right now, if I have a real piece of real estate, there is no way for me to borrow against it, without a middleman, because I have to go through a bank and get a mortgage or whatever. And it’s also the friction all of the costs in terms of speed and how long it takes.”

“If we can find a way to plug real estate and other real-world assets into DeFi, I think that the amount of credit that can be created around that is in the trillions, eventually. And so I think that has to happen. The questions around this are legal and regulatory… The legal stuff around this is tough, and so Propy has done a lot of work with that. But if they do, I think that the idea of an NFT representation of a real-world asset purely from the point of view of ease of trade and ease of access to credit markets is a big idea.”

#arrington-xrp-capital, #articles, #auction, #bank, #blockchains, #ceo, #crypto-art, #cryptocurrencies, #cryptography, #decentralization, #decentralized-finance, #dfj, #ethereum, #europe, #founder, #michael-arrington, #peer-to-peer, #propy, #real-estate, #smart-contract, #tc, #tim-draper, #ukraine, #united-states

0

Bitcoin crashes as investors fear crypto bull market could be nearing its end

Bitcoin, Ethereum and a host of Altcoins suffered massive drops Tuesday night and Wednesday morning, erasing months of gains and hundreds of billions in market cap. The overall crypto market shrunk more than 20% over the past 24 hours according to crypto tracker CoinMarketCap.

What’s behind the drop? Well, some may say the market was flying too close to the sun as investors piled into speculative and technically unremarkable projects like Dogecoin. Others may pin the blame on Elon Musk, who announced that Tesla would no longer be accepting bitcoin for Tesla purchases, which investors feared could trigger a broader backlash among corporate adopters who they hoped would be encouraged to put bitcoin on their balance sheets.

Not all cryptocurrencies are seeing the same fortune, while Bitcoin dropped to nearly $31k, more than half its all-time-high, Ethereum fell to prices it first reached last month. Some of the steepest losses were seen by Dfinity’s Internet Computer token which has shed nearly 60% of its value in the past week. Meanwhile, multi-chain development platform Polygon has surged throughout the broader crash, up 88% this week.

Public market investors got a taste for the crypto market’s volatility as Coinbase stock fell 5% Wednesday morning, down more than 47% from its briefly achieved all-time-high and 10% lower than its direct listing target price.

#bitcoin, #blockchain, #coinbase, #cryptocurrencies, #cryptocurrency, #cryptography, #dogecoin, #elon-musk, #ethereum, #money, #tesla

0

Leveling the playing field

In 2011, a product developer named Fred Davison read an article about inventor Ken Yankelevitz and his QuadControl video game controller for quadriplegics. At the time, Yankelevitz was on the verge of retirement. Davison wasn’t a gamer, but he said his mother, who had the progressive neurodegenerative disease ALS, inspired him to pick up where Yankelevitz was about to leave off.

Launched in 2014, Davison’s QuadStick represents the latest iteration of the Yankelevitz controller — one that has garnered interest across a broad range of industries. 

“The QuadStick’s been the most rewarding thing I’ve ever been involved in,” Davison told TechCrunch. “And I get a lot of feedback as to what it means for [disabled gamers] to be able to be involved in these games.”

Laying the groundwork

Erin Muston-Firsch, an occupational therapist at Craig Hospital in Denver, says adaptive gaming tools like the QuadStick have revolutionized the hospital’s therapy team. 

Six years ago, she devised a rehabilitation solution for a college student who came in with a spinal cord injury. She says he liked playing video games, but as a result of his injury could no longer use his hands. So the rehab regimen incorporated Davison’s invention, which enabled the patient to play World of Warcraft and Destiny. 

QuadStick

Jackson “Pitbull” Reece is a successful Facebook streamer who uses his mouth to operate the QuadStick, as well as the XAC, (the Xbox Adaptive Controller), a controller designed by Microsoft for use by people with disabilities to make user input for video games more accessible. 

Reece lost the use of his legs in a motorcycle accident in 2007 and later, due to an infection, lost the use of his upper body. He says he remembers able-bodied life as one filled with mostly sports video games. He says being a part of the gaming community is an important part of his mental health.

Fortunately there is an atmosphere of collaboration, not competition, around the creation of hardware for gamers within the assistive technology community. 

But while not every major tech company has been proactive about accessibility, after-market devices are available to create customized gaming experiences for disabled gamers.

Enter Microsoft

At its Hackathon in 2015, Microsoft’s Inclusive Lead Bryce Johnson met with disabled veterans’ advocacy group Warfighter Engaged

“We were at the same time developing our views on inclusive design,” Johnson said. Indeed, eight generations of gaming consoles created barriers for disabled gamers.

“Controllers have been optimized around a primary use case that made assumptions,” Johnson said. Indeed, the buttons and triggers of a traditional controller are for able-bodied people with the endurance to operate them. 

Besides Warfighter Engaged, Microsoft worked with AbleGamers (the most recognized charity for gamers with disabilities), Craig Hospital, the Cerebral Palsy Foundation and Special Effect, a U.K.-based charity for disabled young gamers. 

Xbox Adaptive Controller

The finished XAC, released in 2018, is intended for a gamer with limited mobility to seamlessly play with other gamers. One of the details gamers commented on was that the XAC looks like a consumer device, not a medical device.

“We knew that we couldn’t design this product for this community,” Johnson told TechCrunch. “We had to design this product with this community. We believe in ‘nothing about us without us.’ Our principles of inclusive design urge us to include communities from the very beginning.”

Taking on the giants

There were others getting involved. Like many inventions, the creation of the Freedom Wing was a bit of serendipity.

At his booth at an assistive technology (AT) conference, ATMakers‘ Bill Binko showcased a doll named “Ella” using the ATMakers Joystick, a power-chair device. Also in attendance was Steven Spohn, who is part of the brain trust behind AbleGamers.

Spohn saw the Joystick and told Binko he wanted a similar device to work with the XAC. The Freedom Wing was ready within six weeks. It was a matter of manipulating the sensors to control a game controller instead of a chair. This device didn’t require months of R&D and testing because it had already been road tested as a power-chair device. 

ATMakers Freedom Wing 2

Binko said mom-and-pop companies are leading the way in changing the face of accessible gaming technology. Companies like Microsoft and Logitech have only recently found their footing.

ATMakers, QuadStick and other smaller creators, meanwhile, have been busy disrupting the industry. 

“Everybody gets [gaming] and it opens up the ability for people to engage with their community,” Binko said. “Gaming is something that people can wrap their heads around and they can join in.” 

Barriers of entry

As the technology evolves, so do the obstacles to accessibility. These challenges include lack of support teams, security, licensing and VR. 

Binko said managing support teams for these devices with the increase in demand is a new hurdle. More people with the technological skills are needed to join the AT industry to assist with the creation, installation and maintenance of devices. 

Security and licensing is out of the hands of small creators like Davison because of financial and other resources needed to work with different hardware companies. For example, Sony’s licensing enforcement technology has become increasingly complex with each new console generation. 

With Davison’s background in tech, he understands the restrictions to protect proprietary information. “They spend huge amounts of money developing a product and they want to control every aspect of it,” Davison said. “Just makes it tough for the little guy to work with.”

And while PlayStation led the way in button mapping, according to Davison, the security process is stringent. He doesn’t understand how it benefits the console company to prevent people from using whichever controller they want. 

“The cryptography for the PS5 and DualSense controller is uncrackable so far, so adapter devices like the ConsoleTuner Titan Two have to find other weaknesses, like the informal ‘man in the middle’ attack,” Davison said. 

The technique allows devices to utilize older-gen PlayStation controllers as a go-between from the QuadStick to the latest-gen console, so disabled gamers can play the PS5. TechCrunch reached out to Sony’s accessibility division, whose representative said there are no immediate plans for an adaptable PlayStation or controller. However, they stated their department works with advocates and gaming devs to consider accessibility from day one.  

In contrast, Microsoft’s licensing system is more forgiving, especially with the XAC and the ability to use older-generation controllers with newer systems. 

“Compare the PC industry to the Mac,” Davison said. “You can put together a PC system from a dozen different manufacturers, but not for the Mac. One is an open standard and the other is closed.”

A more accessible future

In November, Japanese controller company HORI released an officially licensed accessibility controller for the Nintendo Switch. It’s not available for sale in the United States currently, but there are no region restrictions to purchase one online. This latest development points toward a more accessibility-friendly Nintendo, though the company has yet to fully embrace the technology. 

Nintendo’s accessibility department declined a full interview but sent a statement to TechCrunch. “Nintendo endeavors to provide products and services that can be enjoyed by everyone. Our products offer a range of accessibility features, such as button-mapping, motion controls, a zoom feature, grayscale and inverted colors, haptic and audio feedback, and other innovative gameplay options. In addition, Nintendo’s software and hardware developers continue to evaluate different technologies to expand this accessibility in current and future products.”

The push for more accessible hardware for disabled gamers hasn’t been smooth. Many of these devices were created by small business owners with little capital. In a few cases corporations with a determination for inclusivity at the earliest stages of development became involved. 

Slowly but surely, however, assistive technology is moving forward in ways that can make the experience much more accessible for gamers with disabilities.

 

#accessibility, #advocacy, #chair, #column, #cryptography, #game-controller, #gaming, #hardware, #hori, #joystick, #logitech, #microsoft, #nintendo, #playstation, #xbox, #xbox-adaptive-controller, #xbox-one

0

Vitalik Buterin donates $1 billion worth of ‘meme coins’ to India Covid Relief Fund

Vitalik Buterin, the creator of Ethereum, on Wednesday donated Ethereum and “meme coins” worth $1.5 billion in one of the largest-ever individual philanthropy efforts.

Buterin transferred 500 ETH and over 50 trillion SHIB (Shiba Inu), a meme coin, worth around $1.14 billion at the time of transaction, to the India COVID-Crypto Relief Fund. The transaction sparked panic among some investors, with SHIB’s price dropping by over 35% in the past 24 hours.

The meme coin which courted retail investors in China and elsewhere following recent surges in the Dogecoin cryptocurrency, managed to garner billions (USD) worth of investment in recent days before today’s crash. Buterin’s donation of SHIB — which was sent to him without his consent in the first place — comes at a time when India is grappling with a surge in the coronavirus infections in the country.

Sandeep Nailwal, who put together the Indian relief fund and co-founded crypto organization Polygon, said in a tweet that he won’t do anything that hurts “any community specially the retail community involved with SHIB.”

Buterin, who became the youngest crypto billionaire at the age of 27 earlier this month, also transferred Ethereum and Dogelon Mars (ELON) — another meme coin — worth $336 million to Methuselah Foundation, a non-profit that supports efforts in tissue engineering and regenerative medicine therapies; and over 13,000 ETH to Givewell, a non-profit organization that works to curate the best charities around the world. Buterin also donated to Gitcoin Community, MIRI, and Charter Cities Institute.

 

India has been reporting over 350,000 daily infections and over 3,500 fatalities for the last two weeks. The second wave of the coronavirus has overwhelmed the South Asian nation’s healthcare system, leaving countless of people to scramble for hospital beds, medical oxygen and other supplies.

#asia, #blockchains, #china, #cryptocurrencies, #cryptocurrency, #cryptography, #distributed-computing, #dogecoin, #ethereum, #india, #joseph-lubin, #retail-investors, #tc, #vitalik-buterin

0

CryptoPunks NFT bundle goes for $17 million in Christie’s auction

A lot of 9 CryptoPunks portraits ended up selling for just under $17 million in a Christie’s auction Tuesday evening, marking another substantial moment for NFT art sales. The lot of pixelated portraits were from the collection of the NFT platform’s co-creators Matt Hall and John Watkinson.

The CryptoPunks platform is one of the first NFT projects on the Ethereum blockchain. Back in 2017, ten thousand of the procedurally generated characters were given away for free. In the years since, a vibrant NFT community has developed around the ‘Punks. In recent months, on the back of a broader NFT boom, prices exploded.

Last month, TechCrunch profiled the community and some of its buyers who have paid tens and hundreds of thousands of dollars each to join the exclusive club of CryptoPunks owners.

Tuesday’s sale marks a substantial payday for the creators of the project, but comes just days after a much more substantial one: the release of their new project called Meebits which garnered nearly $80 million in sales in just a few hours.

The final Christie’s bid was for $14.5 million, $16.96 million after fees.

Many inside the crypto community had expected the sale to reach an even higher premium in recent weeks, something that had led to a substantial run-up in prices of CryptoPunks in the weeks ahead of the auction. Though the lot sold for a significantly higher dollar amount, when priced in denominations of the surging Ethereum cryptocurrency, the entire bundle sold for slightly less than the sale price of the last alien figure, which sold in March for 4,200 Eth (some $7.2M USD at the time).

#articles, #auction, #blockchain, #blockchains, #christies, #cryptocurrencies, #cryptocurrency, #cryptography, #cryptopunks, #decentralization, #ethereum, #joseph-lubin, #matt-hall, #nft, #tc

0

Multicoin Capital debuts new $100M fund to bet on crypto startups and tokens

Crypto startups couldn’t be hotter as currencies push past all-time-highs and investor appetite reaches mania for new projects. Crypto investment firms that have been investing in blockchain startups for years are not only beginning to see major movement from their portfolio, but are gaining renewed appetite from LPs after a lengthy crypto winter to make bigger, more audacious bets.

Austin-based Multicoin Capital has been around since 2017 investing in blockchain startups, cryptocurrencies and tokens with a venture fund and separate hedge fund. Today, the firm announced its raise of its second venture fund as it aims to further capitalize on rampant excitement in the crypto world. The new $100 million fund will help the company back new entrants in the space including companies tackling DeFi, digital collectibles, Web3 and crypto-enabled infrastructure.

Multicoin’s team says that it has already been investing out of this fund for several months and it seems the timing is more aligned with the promotion of three of the firm’s employees — Matt ShapiroMable Jiang, and John Robert Reed — to Partner status. The team is just 12, but is looking to expand as they build out their remote presence in other geographies.

The firm’s previous bets include The Graph, Solana, Torus, StarkWare and Arweave, among others.

#articles, #austin, #bitcoin, #blockchain, #cryptocurrencies, #cryptocurrency, #cryptography, #decentralization, #decentralized-finance, #financial-technology, #multicoin-capital, #technology

0

Telegram to add group video calls next month

Group video calls will be coming to Telegram’s messaging platform next month with what’s being touted as a fully featured implementation, including support for web-based videoconferencing.

Founder Pavel Durov made the announcement via a (text) message posted to his official Telegram channel today where he wrote “we will be adding a video dimension to our voice chats in May, making Telegram a powerful platform for group video calls”.

“Screen sharing, encryption, noise-cancelling, desktop and tablet support — everything you can expect from a modern video conferencing tool, but with Telegram-level UI, speed and encryption. Stay tuned!” he added, using the sorts of phrases you’d expect from an enterprise software maker.

Telegram often taunts rivals over their tardiness to add new features but on video calls it has been a laggard, only adding the ability to make one-on-one video calls last August — rather than prioritizing a launch of group video calls, as it had suggested it would a few months earlier.

In an April 2020 blog post, to mark passing 400M users, it wrote that the global lockdown had “highlighted the need for a trusted video communication tool” — going on to dub video calls in 2020 “much like messaging in 2013”.

However it also emphasized the importance of security for group video calling — and that’s perhaps what’s caused the delay.

(Another possibility is the operational distraction of needing to raise a large chunk of debt financing to keep funding development: Last month Telegram announced it had raised over $1BN by selling bonds — its earlier plan to monetize via a blockchain platform having hit the buffers in 2020.)

In the event, rather than rolling out group video calls towards the latter end of 2020 it’s going to be doing so almost half way through 2021 — which has left videoconferencing platforms like Zoom to keep cleaning up during the pandemic-fuelled remote work and play boom (even as ‘Zoom fatigue’ has been added to our lexicon).

How secure Telegram’s implementation of group video calls will be, though, is an open question.

Durov’s post mades repeat mention of “encryption” — perhaps to make a subtle dig at Zoom’s own messy security claims history — but doesn’t specify whether it will use end-to-end encryption (we’ve asked).

Meanwhile Zoom does now offer e2e — and also has designs on becoming a platform in its own right, with apps and a marketplace, so there are a number of shifts in the comms landscape that could see the videoconferencing giant making deeper incursions into Telegram’s social messaging territory.

The one-to-one video calls Telegram launched last year were rolled out with its own e2e encryption — so presumably it will be replicating that approach for group calls.

However the MTProto encryption Telegram uses is custom-designed — and there’s been plenty of debate among cryptography experts over the soundness of its approach. So even if group calls are e2e encrypted there will be scrutiny over exactly how Telegram is doing it.

Also today, Durov touted two recently launched web versions of Telegram (not the first such versions by a long chalk, though) — adding that it’s currently testing “a functional version of web-based video calls internally, which will be added soon”.

He said the Webk and Webz versions of the web app are “by far the most cross-platform versions of Telegram we shipped so far”, and noting that no downloads or installs are required to access your chats via the browser.

“This is particularly good for corporate environments where installing native apps is now always allowed, but also good for users who like the instant nature of web sites,” he added, with another little nod toward enterprise users.

#cryptography, #e2e-encryption, #encryption, #end-to-end-encryption, #group-video-calls, #noise-cancelling, #pavel-durov, #social, #telegram, #video-conferencing, #web-app, #zoom

0

Crusoe Energy is tackling energy use for cryptocurrencies and data centers and greenhouse gas emissions

The two founders of Crusoe Energy think they may have a solution to two of the largest problems facing the planet today — the increasing energy footprint of the tech industry and the greenhouse gas emissions associated with the natural gas industry.

Crusoe, which uses excess natural gas from energy operations to power data centers and cryptocurrency mining operations, has just raised $128 million in new financing from some of the top names in the venture capital industry to build out its operations — and the timing couldn’t be better.

Methane emissions are emerging as a new area of focus for researchers and policymakers focused on reducing greenhouse gas emissions and keeping global warming within the 1.5 degree targets set under the Paris Agreement. And those emissions are just what Crusoe Energy is capturing to power its data centers and bitcoin mining operations.

The reason why addressing methane emissions is so critical in the short term is because these greenhouse gases trap more heat than their carbon dioxide counterparts and also dissipate more quickly. So dramatic reductions in methane emissions can do more in the short term to alleviate the global warming pressures that human industry is putting on the environment.

And the biggest source of methane emissions is the oil and gas industry. In the U.S. alone roughly 1.4 billion cubic feet of natural gas is flared daily, said Chase Lochmiller, a co-founder of Crusoe Energy. About two thirds of that is flared in Texas with another 500 million cubic feet flared in North Dakota, where Crusoe has focused its operations to date.

For Lochmiller, a former quant trader at some of the top American financial services institutions, and Cully Cavmess, a third generation oil and gas scion, the ability to capture natural gas and harness it for computing operations is a natural combination of the two men’s interests in financial engineering and environmental preservation.

NEW TOWN, ND – AUGUST 13: View of three oil wells and flaring of natural gas on The Fort Berthold Indian Reservation near New Town, ND on August 13, 2014. About 100 million dollars worth of natural gas burns off per month because a pipeline system isn’t in place yet to capture and safely transport it . The Three Affiliated Tribes on Fort Berthold represent Mandan, Hidatsa and Arikara Nations. It’s also at the epicenter of the fracking and oil boom that has brought oil royalties to a large number of native americans living there. (Photo by Linda Davidson / The Washington Post via Getty Images)

The two Denver natives met in prep-school and remained friends. When Lochmiller left for MIT and Cavness headed off to Middlebury they didn’t know that they’d eventually be launching a business together. But through Lochmiller’s exposure to large scale computing and the financial services industry, and Cavness assumption of the family business they came to the conclusion that there had to be a better way to address the massive waste associated with natural gas.

Conversation around Crusoe Energy began in 2018 when Lochmiller and Cavness went climbing in the Rockies to talk about Lochmiller’s trip to Mt. Everest.

When the two men started building their business, the initial focus was on finding an environmentally friendly way to deal with the energy footprint of bitcoin mining operations. It was this pitch that brought the company to the attention of investors at Polychain, the investment firm started by Olaf Carlson-Wee (and Lochmiller’s former employer), and investors like Bain Capital Ventures and new investor Valor Equity Partners.

(This was also the pitch that Lochmiller made to me to cover the company’s seed round. At the time I was skeptical of the company’s premise and was worried that the business would just be another way to prolong the use of hydrocarbons while propping up a cryptocurrency that had limited actual utility beyond a speculative hedge against governmental collapse. I was wrong on at least one of those assessments.)

“Regarding questions about sustainability, Crusoe has a clear standard of only pursuing projects that are net reducers of emissions. Generally the wells that Crusoe works with are already flaring and would continue to do so in the absence of Crusoe’s solution. The company has turned down numerous projects where they would be a buyer of low cost gas from a traditional pipeline because they explicitly do not want to be net adders of demand and emissions,” wrote a spokesman for Valor Equity in an email. “In addition, mining is increasingly moving to renewables and Crusoe’s approach to stranded energy can enable better economics for stranded or marginalized renewables, ultimately bringing more renewables into the mix. Mining can provide an interruptible base load demand that can be cut back when grid demand increases, so overall the effect to incentivize the addition of more renewable energy sources to the grid.”

Other investors have since piled on including: Lowercarbon Capital, DRW Ventures, Founders Fund, Coinbase Ventures, KCK Group, Upper90, Winklevoss Capital, Zigg Capital and Tesla co-founder JB Straubel.

The company now operate 40 modular data centers powered by otherwise wasted and flared natural gas throughout North Dakota, Montana, Wyoming and Colorado. Next year that number should expand to 100 units as Crusoe enters new markets such as Texas and New Mexico. Since launching in 2018, Crusoe has emerged as a scalable solution to reduce flaring through energy intensive computing such as bitcoin mining, graphical rendering, artificial intelligence model training and even protein folding simulations for COVID-19 therapeutic research.

Crusoe boasts 99.9% combustion efficiency for its methane, and is also bringing additional benefits in the form of new networking buildout at its data center and mining sites. Eventually, this networking capacity could lead to increased connectivity for rural communities surrounding the Crusoe sites.

Currently, 80% of the company’s operations are being used for bitcoin mining, but there’s increasing demand for use in data center operations and some universities, including Lochmiller’s alma mater of MIT are looking at the company’s offerings for their own computing needs.

“That’s very much in an incubated phase right now,” said Lochmiller. “A private alpha where we have a few test customers… we’ll make that available for public use later this year.”

Crusoe Energy Systems should have the lowest data center operating costs in the world, according to Lochmiller and while the company will spend money to support the infrastructure buildout necessary to get the data to customers, those costs are negligible when compared to energy consumption, Lochmiller said.

The same holds true for bitcoin mining, where the company can offer an alternative to coal powered mining operations in China and the construction of new renewable capacity that wouldn’t be used to service the grid. As cryptocurrencies look for a way to blunt criticism about the energy usage involved in their creation and distribution, Crusoe becomes an elegant solution.

Institutional and regulatory tailwinds are also propelling the company forward. Recently New Mexico passed new laws limiting flaring and venting to no more than 2 percent of an operator’s production by April of next year and North Dakota is pushing for incentives to support on-site flare capture systems while Wyoming signed a law creating incentives for flare gas reduction applied to bitcoin mining. The world’s largest financial services firms are also taking a stand against flare gas with BlackRock calling for an end to routine flaring by 2025.

“Where we view our power consumption, we draw a very clear line in our project evaluation stage where we’re reducing emissions for an oil and gas projects,” Lochmiller said. 

#air-pollution, #alpha, #artificial-intelligence, #bain-capital-ventures, #bitcoin, #bitcoin-mining, #blackrock, #china, #co-founder, #coinbase-ventures, #colorado, #computing, #cryptocurrency, #cryptography, #denver, #energy, #energy-consumption, #energy-efficiency, #everest, #founders-fund, #greenhouse-gas-emissions, #jb-straubel, #lowercarbon-capital, #methane, #mining, #mit, #montana, #natural-gas, #new-mexico, #north-dakota, #tc, #tesla, #texas, #trader, #united-states, #upper90, #valor-equity-partners, #winklevoss-capital, #world-bank, #wyoming

0

Crypto market takes a dive with Bitcoin leading the way

Cryptocurrency prices continued to tumble Friday with Bitcoin leading the charge, with prices for the internet currency dipping below $50,000 for the first time since early March.

Bitcoin is down roughly 20% week-over-week, around 30% from its all-time-high of nearly $65,000 early last week. The market cap of the coin has dipped below $1 trillion. The tumble has been less severe for Ethereum which hit an all-time-high just yesterday but has since dropped 13% as the broader market has crawled back.

Plenty of altcoins have also taken a beating. Dogecoin erased the breakneck gains of the week and then some, nearly halving its price after a meteoric climb last weekend. XRP is down 35% week-over-week, Stellar is down 30% and Polkadot is down 25% since last week.

Overall, Coinmarketcap estimates the global crypto market has shrunk around 10% in the past 24 hours.

Crypto prices have been on a tear for the past several months, but the past week has been the clearest sign of a correction to climbing prices, though many see news of President Biden’s adjustment to the hikes on the capital gains tax as the most apparent reason for the market’s slide as investors cash out hoping their gains won’t be reached by a retroactive application of the rules.

Coinbase, which went public last week via direct listing, shaved about 10% off its share price this week, but was largely unaffected Friday in intraday trading.

Bitcoin prices (7 days). Chart via CoinMarketCap

#biden, #bitcoin, #coinbase, #cryptocurrencies, #cryptocurrency, #cryptography, #currency, #dogecoin, #ethereum, #president

0

UK’s IoT ‘security by design’ law will cover smartphones too

Smartphones will be included in the scope of a planned “security by design” U.K. law aimed at beefing up the security of consumer devices, the government said today.

It made the announcement in its response to a consultation on legislative plans aimed at tackling some of the most lax security practices long-associated with the Internet of Things (IoT).

The government introduced a security code of practice for IoT device manufacturers back in 2018 — but the forthcoming legislation is intended to build on that with a set of legally binding requirements.

A draft law was aired by ministers in 2019 — with the government focused on IoT devices, such as webcams and baby monitors, which have often been associated with the most egregious device security practices.

Its plan now is for virtually all smart devices to be covered by legally binding security requirements, with the government pointing to research from consumer group “Which?” that found that a third of people kept their last phone for four years, while some brands only offer security updates for just over two years.

The forthcoming legislation will require smartphone and device makers like Apple and Samsung to inform customers of the duration of time for which a device will receive software updates at the point of sale.

It will also ban manufacturers from using universal default passwords (such as “password” or “admin”), which are often preset in a device’s factory settings and easily guessable — making them meaningless in security terms.

California already passed legislation banning such passwords in 2018 with the law coming into force last year.

Under the incoming U.K. law, manufacturers will additionally be required to provide a public point of contact to make it simpler for anyone to report a vulnerability.

The government said it will introduce legislation as soon as parliamentary time allows.

Commenting in a statement, digital infrastructure minister Matt Warman added: “Our phones and smart devices can be a gold mine for hackers looking to steal data, yet a great number still run older software with holes in their security systems.

“We are changing the law to ensure shoppers know how long products are supported with vital security updates before they buy and are making devices harder to break into by banning easily guessable default passwords.

“The reforms, backed by tech associations around the world, will torpedo the efforts of online criminals and boost our mission to build back safer from the pandemic.”

A DCMS spokesman confirmed that laptops, PCs and tablets with no cellular connection will not be covered by the law, nor will secondhand products. Although he added that the intention is for the scope to be adaptive, to ensure the law can keep pace with new threats that may emerge around devices.

#california, #computer-security, #cryptography, #europe, #gadgets, #internet-of-things, #iot, #mobile, #password, #security, #smart-devices, #smartphones, #united-kingdom

0

Gay dating site Manhunt hacked, thousands of accounts stolen

Manhunt, a gay dating app that claims to have 6 million male members, has confirmed it was hit by a data breach in February after a hacker gained access to the company’s accounts database.

In a notice filed with the Washington attorney general’s office, Manhunt said the hacker “gained access to a database that stored account credentials for Manhunt users,” and “downloaded the usernames, email addresses and passwords for a subset of our users in early February 2021.

The notice did not say how the passwords were scrambled, if at all, to prevent them from being read by humans. Passwords scrambled using weak algorithms can sometimes be decoded into plain text, allowing malicious hackers to break into their accounts.

Following the breach, Manhunt force-reset account passwords began alerting users in mid-March. Manhunt did not say what percentage of its users had their data stolen or how the data breach happened, but said that more than 7,700 Washington state residents were affected.

The company’s attorneys did not reply to an email requesting comment.

But questions remain about how Manhunt handled the breach. In March, the company tweeted that, “At this time, all Manhunt users are required to update their password to ensure it meets the updated password requirements.” The tweet did not say that user accounts had been stolen.

Manhunt was launched in 2001 by Online-Buddies Inc., which also offered gay dating app Jack’d before it was sold to Perry Street in 2019 for an undisclosed sum. Just months before the sale, Jack’d had a security lapse that exposed users’ private photos and location data.

Dating sites store some of the most sensitive information on their users, and are frequently a target of malicious hackers. In 2015, Ashley Madison, a dating site that encouraged users to have an affair, was hacked, exposing names, and postal and email addresses. Several people died by suicide after the stolen data was posted online. A year later, dating site AdultFriendFinder was hacked, exposing more than 400 million user accounts.

In 2018, same-sex dating app Grindr made headlines for sharing users’ HIV status with data analytics firms.

In other cases, poor security — in some cases none at all — led to data spills involving some of the most sensitive data. In 2019, Rela, a popular dating app for gay and queer women in China, left a server unsecured with no password, allowing anyone to access sensitive data — including sexual orientation and geolocation — on more than 5 million app users. Months later, Jewish dating app JCrush exposed around 200,000 user records.

Read more: 


Know something, say something. Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

#jack, #apps, #articles, #ashley-madison, #china, #computer-security, #computing, #cryptography, #data-breaches, #password, #securedrop, #security, #security-breaches

0

FBI launches operation to remotely remove Microsoft Exchange server backdoors

A Texas court has authorized an FBI operation to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers in the United States, months after hackers used four previously undiscovered vulnerabilities to attack thousands of networks.

The Justice Department announced the operation on Tuesday, which it described as “successful.” It’s believed this is the first known case of the FBI effectively cleaning up private networks following a cyberattack.

In March, Microsoft discovered a new China state-sponsored hacking group — Hafnium — targeting Exchange servers run from company networks. The four vulnerabilities when chained together allowed the hackers to break into a vulnerable Exchange server and steal its contents. Microsoft fixed the vulnerabilities but the patches did not close the backdoors from the servers that had already been breached. Within days, other hacking groups began hitting vulnerable servers with the same flaws to deploy ransomware.

The number of infected servers dropped as patches were applied. But hundreds of Exchange servers remained vulnerable because the backdoors are difficult to find and eliminate, the Justice Department said in a statement.

“This operation removed one early hacking group’s remaining web shells which could have been used to maintain and escalate persistent, unauthorized access to U.S. networks,” the statement said. “The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path).”

The FBI said it’s attempting to contact owners of servers from which it removed the backdoors by email.

Assistant attorney general John C. Demers said the operation “demonstrates the Department’s commitment to disrupt hacking activity using all of our legal tools, not just prosecutions.”

The Justice Department also said the operation only removed the backdoors, but did not patch the vulnerabilities exploited by the hackers to begin with or remove any malware left behind.

Neither the FBI nor the Justice Department commented by press time.

#backdoor, #china, #computing, #cryptography, #cybercrime, #cyberwarfare, #department-of-justice, #federal-bureau-of-investigation, #hacking, #justice-department, #malware, #microsoft, #ransomware, #security, #security-breaches, #spyware, #technology, #texas, #united-states

0

Crypto trading on Robinhood spiked to 9.5M customers in first quarter

It’s been a big year for crypto, and Robinhood shared some stats today providing more evidence that the crypto boom is more than just hype — at least for now.

In a blog, Christine Brown, Robinhood’s head of crypto operations, revealed that in the first quarter of 2021, 9.5 million of its customers traded crypto via the company’s platform. That’s up big time from the 1.7 million customers who traded crypto in the 2020 fourth quarter.

Brown says the company’s intent behind launching Robinhood Crypto in the first place was to give its customers the opportunity to buy and sell cryptocurrency in addition to the range of assets offered through its brokerage, Robinhood Financial.

Robinhood Crypto currently offers seven tradeable coins: Bitcoin, Bitcoin Cash, Bitcoin SV, Dogecoin, Ethereum, Ethereum Classic, and Litecoin. 

Brown also noted that Robinhood’s crypto team has already more than tripled since the beginning of the year, although it’s not entirely clear how many staffers it currently has on that team. There are a number of crypto-related openings on its careers site, including an open “Crypto CFO” role.

The company is making clear that crypto is an important part of its overall business and part of its mission to democratize access to the masses.

“All it takes to spend, trade, and store cryptocurrency, theoretically, is an internet connection — you don’t need access to a big line of credit, or startup capital,” Brown wrote. “You don’t even have to be awake at a certain time of day to trade. The crypto market doesn’t close. Crypto was born out of a mission to take power away from institutions and return it to the people.”

Last August, Robinhood raised $200 million more at a new, higher $11.2 billion valuation in its third raise of the year before filing to go public in March. The company has had a tumultuous past year or so that was filled with time in front of Congress, bad PR from a user’s suicide, and settlements with the SEC.

Meanwhile, TechCrunch also reported earlier this week that in the first quarter of 2021, American consumer cryptocurrency trading giant Coinbase grew sharply, generating strong profits at the same time. Specifically, the company notched revenue of $1.8 billion in Q1 2021, up from $585.1 million in Q4 2020. Net income totaled “approximately $730 million to $800 million,” up from $178.8 million in Q4 2020.

#bitcoin, #cfo, #coinbase, #cryptocurrencies, #cryptocurrency, #cryptography, #digital-currencies, #dogecoin, #finance, #robinhood, #tc

0

Duo goes passwordless

Duo, the authentication service Cisco acquired for $2.35 billion in 2018, today announced its plans to launch a passwordless authentication service that will allow users to log in to their Duo-protected services through security keys or platform biometrics like Apple’s Face ID or Microsoft’s Windows Hello. The infrastructure-agnostic service will go into public preview in the summer.

“Cisco has strived to develop passwordless authentication that meets the needs of a diverse and evolving workforce and allows the broadest set of enterprises to securely progress towards a passwordless future, regardless of their IT stack,” said Gee Rittenhouse, SVP and GM of Cisco’s Security Business Group. “It’s not an overstatement to say that passwordless authentication will have the most meaningful global impact on how users access data by making the easiest path the most secure.”

If you’re using Duo or a similar product today, chances are that you are using both passwords and a second factor to log into your work applications. But users are notoriously bad about their password hygiene — and to the despair of any IT department, they also keep forgetting them.

In the standard two-factor authentication scheme, the second factor is basically an extra moat around your password. Passwordless is essentially another form of two-factor authentication, but it instead of passwords, it relies on cryptographic key pairs, be that with the help of a hardware security key or biometric authentication.

Duo’s passwordless service relies on the Web Authentication standard which ensures that your data is stored locally and not on a centralized server, too.

According to Duo’s own data, we have now reached a point where the hardware is ready for passwordless, with 80 percent of mobile devices now offering support for biometrics.

“Passwordless is a journey requiring incremental changes in users and IT environments alike, not something enterprises can enable overnight,” said Wolfgang Goerlich, Advisory Chief Information Security Officer, Duo Security at Cisco. “Duo can help enterprises transition their environments and workforces securely and minimize user friction while simultaneously increasing trust in every authentication.”

#access-control, #authentication, #cisco, #computer-security, #cryptography, #microsoft-windows, #multi-factor-authentication, #password, #security-token, #svp, #tc, #work-applications

0

How startups can go passwordless, thanks to zero trust

“There is no doubt that over time, people are going to rely less and less on passwords… they just don’t meet the challenge for anything you really want to secure,” said Bill Gates.

That was seventeen years ago. Although passwords have lost some of their charm, they have so far survived many attempts to kill them for good.

The perception of high cost and tricky implementations has stalled some smaller businesses from ditching passwords. But alternatives to passwords are affordable, easy to implement, and safer, show industry insights gathered by Extra Crunch. The move to zero trust systems is acting as a catalyst.

First, a primer. Zero trust focuses on who you are, not where you are. Zero trust models require companies to never trust any attempt to access its network, and must verify every single time — even from logins from inside the network. Passwordless tech is a key part of zero trust models.

There are several alternatives for passwords, including:

  • Biometric authentication: widely used as fingerprint readers in smartphones and physical verification points at buildings;
  • Social media authentication: where you use your Google or Facebook IDs to authenticate you with a third-party service;
  • Multi-factor authentication: where more layers of authentication are added using devices or services, such as token authentication using a trusted device.
  • Grid authentication cards: which provides access while using a combination PIN number.
  • Push notifications: which are usually sent to the user’s smartphones or encrypted devices.
  • Digital certificates: cryptographic files stored locally on the machine or device.

Wolt, a Finnish food-delivery site is just one example of going passwordless.

“The user registers by entering their email address or a phone number. Login to the app takes place by clicking the temporary link in the user’s inbox. The app on the user’s mobile phone places an authentication cookie, which enables the user to continue from that device without having to go through any further authentication,” said Erka Koivunen, CISO at F-Secure.

In this case, the service provider is in full control of the authentication, allowing it to set expiration time, revoke service, and detect fraud. The service provider does not need to count on the user’s commitment to keep track of their passwords.

Passwordless tech is not inherently costly but may take some adjustment, explained Ryan Weeks, CISO at managed service provider Datto.

“It is not necessarily costly in terms of monetary investment, because there are a lot of easily accessible open-source alternatives for multi factor authentication that don’t require any sort of investment,” said Weeks. But some companies believe passwordless tech may cause friction to their employees’ productivity.

Koivunen also dismissed that zero trust models are unaffordable for startups.

“Zero trust recognises the futility of forcing users to authenticate themselves by presenting something they should keep as secret. Instead, it prefers to establish the user’s identity using some context-aware method,” he said.

Zero trust goes further than authenticating users; it also includes the device and the user.

“From a zero trust perspective, there is an idea that there is a continuous authentication or revalidation of trust occurring. Therefore, passwordless in a zero trust model is potentially easier for the user and more secure as the combination of the ‘something you have’ and ‘something you are’ factors are more difficult to attack,” said Datto’s Weeks.

Larger companies, like Microsoft and Google, already offer zero trust technologies. But investors are also eyeing smaller companies that offer zero trust for growing companies.

Axis Security, a zero trust provider that allows remote employees to access their company’s network, raised $32 million last year. Beyond Identity raised $75 million in funding in December. And, Israel identity validation startup Identiq raised $47 million in Series A funding in March.

#access-control, #authentication, #bill-gates, #computer-security, #cryptography, #f-secure, #facebook, #google, #identiq, #israel, #microsoft, #multi-factor-authentication, #password, #security, #smartphones, #startups

0

Elon Musk declares you can now buy a Tesla with Bitcoin in the U.S.

Tesla made headlines earlier this year when it took out significant holdings in bitcoin, acquiring a roughly $1.5 billion stake at then-prices in early February. At the time, it also noted in an SEC filing disclosing the transaction that it could also eventually accept the cryptocurrency as payment from customers for its vehicles. Now, Elon Musk says they’ve made that a reality, at least for customers in the U.S., and he added that the plan is for the automaker to ‘hodl’ all their bitcoin payments, too.

In terms of its infrastructure for accepting bitcoin payments, Tesla isn’t relying on any third-party networks or wallets — the company is “using only internal & open source software & operates Bitcoin nodes directly,” Musk said on Twitter. And when customers pay in bitcoin, those won’t be converted to fiat currency, the CEO says, but will instead presumably add to the company’s stockpile.

In February when Tesla revealed its bitcoin purchase, observers either lauded the company’s novel approach to converting its cash holdings, or criticized the plan for its attachment to an asset with significant price volatility. Many also pointed out that the environmental cost of mining bitcoin seems at odds with Tesla’s overall stated mission, given its carbon footprint. Commenters today echoed these concerns, noting the irony of Tesla accepting the grid-taxing cryptocurrency for its all-electric cars.

As for how the bitcoin payment process works today, Tesla has detailed that in an FAQ. Customers begin the payment process from their own bitcoin wallet, and have to set the exact amount for a vehicle deposit based on current rates, with the value of Tesla’s cars still set in U.S. dollars. The automaker further notes that in the case of any refunds, it’s buyer-beware in terms of any change in value relative to the U.S. dollar from time of purchase to time of refund.

Musk also said that the plan is to expand Bitcoin payments to other countries outside the U.S. by “later this year.” Depending on the market, that could require some regulatory work, but clearly Musk thinks it’s worth the effort. Meanwhile, Bitcoin is up slightly on the news early Wednesday morning.

#bitcoin, #car, #ceo, #cryptocurrencies, #cryptography, #currency, #digital-currencies, #electric-vehicles, #elon-musk, #mining, #mobility, #open-source-software, #tc, #tesla, #u-s-securities-and-exchange-commission, #united-states

0

Roll still doesn’t know how its hot wallet was hacked

Move fast, break things, get hacked.

That’s what happened at Roll, the social currency platform that allows creators to mint and distribute their own Ethereum-based cryptocurrency known as social tokens. Last week, Roll disclosed a hacker had stolen $5.7 million from its hot wallet, a little over a year after the company launched.

Roll set up a $500,000 fund to help creators recoup their losses, and the company promised to hire a third-party to audit its security infrastructure.

But the company has so far been unable to contract with security investigators to probe the breach, leaving the startup to look for clues itself. A week has passed since the breach, and the social currency startup says it still doesn’t know how the hacker broke in or stole its private keys.

In a call with TechCrunch this week, Roll executives confirmed its infrastructure never underwent a security audit, a process designed to help find and fix vulnerabilities, prior to its launch.

“We weren’t ready from a security standpoint,” said Roll CEO Bradley Miles.

“This incident was a big setback for us, we will revamp a lot of infrastructure around this that we have in place to prevent something like this from happening again,” said Roll’s chief technology officer Sid Kalla, who oversees cybersecurity because the company does not have dedicated staff.

The executives said while its smart contracts — the technology that underpins the blockchain — were audited by a third-party firm, the rest of the company’s infrastructure was never stress-tested.

“That was a shortcoming on our end, and we should have done this earlier,” said Kalla.

The emptying of Roll’s hot wallet comes as social currency climbs to new levels of popularity. Roll has netted high-profile creators like actor Terry Crews, along with hundreds of other social currency on the platform, many plummeting in value after the hot wallet was hacked.

Some of the larger social currencies, like $WHALE, bounced back fairly quickly after the breach of Roll’s hot wallet. A month earlier, $WHALE “serendipitously withdrew” a large amount of its supply to its cold wallets, which aren’t connected to the internet, in anticipation of community distributions. The social currencies that had measures in place proved some resiliency against the hack.

After the company realized its hot wallet was emptied, the company spent the first two days following the money trail. Miles said the company engaged with forensic blockchain company Chainalysis for help. The company said it was looking at his logs, but says they have not seen any anomalous logins. Roll uses Amazon’s cloud for its infrastructure, and only a handful of employees have access to the private keys, and their accounts are secured with app-based authentication codes, said Kalla.

“We’re a young company, we’re growing extraordinarily quickly,” said Miles, who admitted that the company’s response “could have been better.”

“There’s no scenario in which you can lose that kind of money and not bring in incident response,” said Jake Williams, founder of cybersecurity firm Rendition Infosec. “The idea that you would try to do a DIY incident response, especially if it’s not your core capability, is just ridiculous.”

“To rebuild trust, the company has to come clean on where the failures were at,” said Williams, a former NSA hacker turned incident responder.

Roll is rebuilding its infrastructure, but did not give a timeline for when the work would be completed. The company said it won’t allow users to make withdrawals until it’s confident that its infrastructure is secure. The company says it will engage a security company to audit the changes to its infrastructure. Roll also said it will reduce how many tokens it holds in its hot wallet.

Miles said the company’s relief fund for creators was raised to $750,000, which he said will go directly to affected communities. The company also plans to hire a dedicated chief information security officer when its next financing round closes.

#blockchains, #chainalysis, #computer-security, #computing, #crypto-economy, #cryptocurrencies, #cryptocurrency, #cryptography, #decentralization, #ethereum, #hack, #payments, #roll, #security, #social-currency, #technology

0

Crypto social network BitClout arrives with a bevy of high profile investors, and skeptics

While much of the recent wave of relentless hype around NFTs — or non-fungible tokens — has been most visibly manifested in high-dollar art auctions or digital trading cards sales, there’s also been a relentless string of chatter among bullish investors who see a future that ties the tokens to the future of social media and creator monetization.

Much of the most spirited conversations have centered on a pre-launch project called BitClout, a social crypto-exchange where users can buy and sell tokens based on people’s reputations. The app, which launches out of private beta tomorrow morning, has already courted plenty of controversy inside the crypto community, but it’s also amassed quite a war chest as investors pump tens of millions into its proprietary currency.

Early backers of the platform’s BitClout currency include a who’s who of Silicon Valley investors including Sequoia Capital and Andreessen Horowitz, the startup’s founder tells TechCrunch. Other investors include Chamath Palihapitiya’s Social Capital, Coinbase Ventures, Winklevoss Capital and Reddit co-founder Alexis Ohanian. A report in Decrypt notes that a single wallet connected to BitClout has received more than $165 million worth of Bitcoin deposits suggesting that huge sums have already poured into the network ahead of its public launch.

BitClout falls into an exploding category of crypto companies that are focusing on tokenized versions of social currency. Others working on building out these individual tokens include Roll and Rally, which aim to allow creators to directly monetize their internet presence and allow their fans to bet on them. Users who believe in a budding artist can invest in their social currency and could earn returns as the creator became more famous and their coins accrued more value.

“If you look at people’s existing relationships with social media companies, it’s this very adversarial thing where all the content they produce is not really theirs but it belongs to the corporation that doesn’t share the monetization with them,” BitClout’s founder, who refers to themselves pseudonymously as “diamondhands,” tells TechCrunch. (There’s been some speculation on their identity as a former founder in the cryptocurrency space, but in a call with TechCrunch, they would not confirm their identity.)

The BitClout platform revolves around the BitClout currency. At the moment users can deposit Bitcoin into the platform which is instantly converted to BitClout tokens and can then be spent on individual creators inside the network. When a creator gets more popular as more users buy their coin, it gets more expensive to buy denominations of their coin. Creators can also opt in to receive a certain percentage of transactions deposited into their own BitClout wallets so that they continue to benefit from their own success.

The company’s biggest point of controversy hinges on what has been opt-in and what has been opt-out for the early group of accounts on the platform. Most other social currency offerings are strictly opt-in. Users come to the platform in search of a way to create tokens that allow them to monetize a fanbase and build a social fabric across multiple platforms. The thought being that if the platforms own the audience then you are at their mercy.

BitClout has taken an aggressive growth strategy here, turning that model on its head. The startup has pre-populated the BitClout network with 15,000 accounts after scraping information from popular public Twitter profiles. This means that BitClout users can buy shares of Kim Kardashian’s social coin or Elon Musk’s without those individuals ever having signed up for a profile or agreeing to it. This hasn’t been well-received by all of those who unwittingly had accounts set up on their behalf including many crypto-savvy users who got scooped up in the initial wave of seeding.

The startup’s founder says that this effort was largely an effort to prevent handle squatting and user impersonation but he believes that as the platform opens, a sizable pre-purchase of creator coins reserved for the owners of these accounts will entice those users to verify their handles to claim the funds.

Perhaps BitClout’s most eyebrow raising quirk is that the platform is launching with a way to invest into the platform and convert bitcoin into BitClout, but at launch there’s no way to cash out funds. The project’s founder says that it’s only a matter of time before this is resolved, and points to Coinbase and the Winkelvoss twin’s status as coin holders as a sign of future exchange support to come, but the company has no specifics to share at launch.

While the founders and investors behind the project see a bright future for social currencies on the blockchain, many in the decentralized community have been less impressed with BitClout’s early efforts to achieve viral adoption among creators in a permission-less manner.

“BitClout will make a great case study on how badly crypto projects can mess up incentive engineering when they try to monetize social networks.” Jay Graber, a decentralized platform researcher involved in Twitter’s bluesky effort, said in a tweet. “Trust and reputation are key, and if you create a sketchy platform and mess with people’s reputations without their consent it is not going to go well.”

If BitClout comes out of the gate and manages to convert enough of its pre-seeded early adopter list that there is value in joining its closed ecosystem version of a social token then it may have strong early momentum in an explosive new space that many creators are finding valuable. The concepts explored by others in the social currency space are sound, but this particular execution of it is a high-risk one. The network launches tomorrow morning so we’ll see soon enough.

#alexis-ohanian, #andreessen-horowitz, #artist, #bitclout, #bitcoin, #co-founder, #coinbase, #coinbase-ventures, #cryptocurrencies, #cryptocurrency, #cryptography, #currency, #digital-currencies, #gemini, #kim-kardashian, #reddit, #sequoia-capital, #social-media, #social-networks, #tc, #winklevoss-capital

0

BlockFi lands a $350M Series D at a $3B valuation for its fast-growing crypto-lending platform

If there were any doubt about a cryptocurrency boom, we need look no further than at the explosion of growth of certain companies in the space.

One such company is BlockFi, which today announced it has closed on a massive $350 million Series D funding that values it at $3 billion. While this news in and of itself is certainly attention-getting, it’s even more impressive when you consider the startup just raised a $50 million Series C last August at a $450 million valuation. The latest financing brings its total equity raised since inception to about $450 million, with the company raising $100 million across its seed and Series C rounds.

Zac Prince — who comes from a background in consumer lending —  founded BlockFi with Flori Marquez in 2017. The Jersey City, New Jersey-based startup raised $1.6 million in a seed round of funding that closed in 2018 and was led by ConsenSys Ventures and included participation from SoFi.  

Prince describes BlockFi as a financial services company for crypto market investors that offers a retail and institutional-facing suite of products. On the retail side of its platform, people can use its mobile app to earn a yield on their crypto holdings (6% on Bitcoin, 8.6% on stablecoins), buy and sell crypto and get low-cost loans secured by the value of their crypto portfolio “so they can get liquidity without selling,” he said. Specifically, clients can buy and sell digital assets (from Bitcoin, Ethereum and Link to Litecoin, PaxG and multiple stablecoins) directly on BlockFi.

The startup is also a lender and provider of trade execution services to institutions participating in digital asset markets. 

It’s a model that seems to be working in a big way. Since the end of 2019, BlockFi has seen its client base grow from 10,000 to more than 225,000. Today, BlockFi has 265,000 funded retail clients and over 200 institutional clients.

And it’s lent over $10 billion to its retail, corporate and institutional clients.

Over the past year, BlockFi has also accomplished the following:

  • Increased the number of assets on its platform to $15 billion, compared to $1 billion last March — with a 0% loss rate across its lending portfolio since inception.
  • Bumped its monthly revenue to over $50 million, up from $1.5 million a year prior.
  • Boosted its headcount to about 530 people, compared to 100 last March.

“In less than six months since we completed our Series C, Bitcoin and other digital assets have assumed a central role in many investors’ portfolios and in broader financial markets,” Prince said. “Our conviction that digital assets are the future of finance has been vindicated by our client base, which grew 10 times year over year in 2020 and has more than doubled since the end of 2020.”

New investor Bain Capital Ventures, partners of DST Global, Pomp Investments and Tiger Global co-led the Series D, which included participation from a slew of other firms including existing backer Valar Ventures, Breyer Capital, Susquehanna Government Products, Jump Capital and Paradigm, among many others. BlockFi employees who have been employed for more than one year have the opportunity to receive liquidity on a portion of their equity via a secondary tender offer as part of the financing round.  

BlockFi believes that investor enthusiasm for the Series D round reflects both the company’s strong business growth, as well as “broader conviction in cryptocurrencies as an asset class.” 

“Individual investors, institutional asset managers and corporate treasury departments are all exploring avenues to invest in cryptocurrencies,” the company said.

“Our goal for BlockFi has always been for it to facilitate cryptocurrencies going mainstream – and each day provides more evidence that is exactly what is occurring,” said Marquez, who serves as the company’s SVP of operations.

Bain Capital Ventures Partner Stefan Cohen agrees. He believes there are currently limited banking services available for crypto holders, which puts BlockFi in an opportune position.

“Bitcoin has already eclipsed $1 trillion in market cap and is likely headed higher to fulfill its store of value promise. As wealth accumulates to BTC holders, most will look for ways to earn yield or borrow against their holdings for more traditional asset purchases such as homes, cars and education,” he wrote via email. “BlockFi stands alone as the leader in bringing simple, secure, everyday financial services to cryptocurrency holders.”

The startup’s exponential growth over the past year proves “there was clearly a huge need for BlockFi’s services,” Cohen said.

“Their vision was to build an easy-to-use, trusted platform to bring cryptocurrency to the mainstream, and they’ve truly succeeded,” he added.

Meanwhile, Cohen said Bain Capital has had a long-term thesis on Bitcoin becoming a store of value and has actively invested in “picks-and-shovels businesses” that enable what is now a $1 trillion-plus market. 

“Trusted financial services are a critical pillar of the space, and we view it as a highly strategic component of the market,” he added.

Looking ahead, the startup has plans to launch in the second quarter a Bitcoin Rewards Credit Card, which will give BlockFi clients the ability to earn Bitcoin cash back on every transaction. It plans to use the new capital to continue growing its product suite, expand into new global markets and for strategic acquisitions. The company also plans to double its headcount by year’s end, according to Prince.

BlockFi already has a global presence and retail clients in over 100 countries. Last year, it opened institutional client service offices in London and Singapore.  This year, the startup is looking to add regional support in Europe, APAC and LatAm for its retail clients. 

Over the past week, BlockFi was making headlines for other reasons. The company was the victim of an “unusual assault” on March 7 when an attacker spammed the platform with fake sign-ups and abusive language.

To that end, the company acknowledges that it became aware that an unauthorized third party began attempting bulk sign-ups on its platform on March 7.

“We do not know the origin of the email addresses used for these ‘sign-ups’  but they did not come from us and they were not the emails of BlockFi clients,” the company told TechCrunch. “In general, we would characterize the event as vulgar spam’ and the total number of valid emails affected was less than 1,000.”

The company maintains that no data from BlockFi was accessed and its data was not compromised.  

“Our clients’ funds and data were safeguarded throughout the incident,” the company added. “Since then, our engineering and security teams have taken steps to prevent events like this from happening in the future. In addition, we reached out directly to all of the valid email recipients to apologize for the incident.”

#bain-capital-ventures, #bitcoin, #blockfi, #breyer-capital, #consensys, #consensys-ventures, #cryptocurrencies, #cryptocurrency, #cryptography, #currency, #digital-currencies, #dst-global, #finance, #financial-services, #funding, #fundings-exits, #jump-capital, #new-jersey, #paradigm, #recent-funding, #stablecoin, #startups, #tc, #tiger-global, #valar-ventures, #venture-capital

0

America’s small businesses face the brunt of China’s Exchange server hacks

As the U.S. reportedly readies for retaliation against Russia for hacking into some of the government’s most sensitive federal networks, the U.S. is facing another old adversary in cyberspace: China.

Microsoft last week revealed a new hacking group it calls Hafnium, which operates in, and is backed by, China. Hafnium used four previously unreported vulnerabilities — or zero-days — to break into at least tens of thousands of organizations running vulnerable Microsoft Exchange email servers and steal email mailboxes and address books.

It’s not clear what Hafnium’s motives are. Some liken the activity to espionage — a nation-state gathering intelligence or industrial secrets from larger corporations and governments.

But what makes this particular hacking campaign so damaging is not only the ease with which the flaws can be exploited, but also how many — and how widespread — the victims are.

Security experts say the hackers automated their attacks by scanning the internet for vulnerable servers, hitting a broad range of targets and industries — law firms and policy think tanks, but also defense contractors and infectious disease researchers. Schools, religious institutions, and local governments are among the victims running vulnerable Exchange email servers and caught up by the Hafnium attacks.

While Microsoft has published patches, the U.S. federal cybersecurity advisory agency CISA said the patches only fix the vulnerabilities — and won’t close any backdoors left behind by the hackers.

There is little doubt that larger, well-resourced organizations have a better shot at investigating if their systems were compromised, allowing those victims to prevent further infections, like destructive malware or ransomware.

But that leaves the smaller, rural victims largely on their own to investigate if their networks were breached.

“The types of victims we have seen are quite diverse, many of whom outsource technical support to local IT providers whose expertise is in deploying and managing IT systems, not responding to cyber threats,” said Matthew Meltzer, a security analyst at Volexity, a cybersecurity firm that helped to identify Hafnium.

Without the budget for cybersecurity, victims can always assume they are compromised – but that doesn’t equate to knowing what to do next. Patching the flaws is just one part of the recovery effort. Cleaning up after the hackers will be the most challenging part for smaller businesses that may lack the cybersecurity expertise.

It’s also a race against the clock to prevent other malicious hackers from discovering or using the same vulnerabilities to spread ransomware or launch destructive attacks. Both Red Canary and Huntress said they believe hacking groups beyond Hafnium are exploiting the same vulnerabilities. ESET said at least ten groups were also exploiting the same server flaws.

Katie Nickels, director of intelligence at threat detection firm Red Canary, said there is “clearly widespread activity” exploiting these Exchange server vulnerabilities, but that the number of servers exploited further has been fewer.

“Cleaning up the initial web shells will be much easier for the average IT administrator than it would be to investigate follow-on activity,” said Nickels.

Microsoft has published guidance on what administrators can do, and CISA has both advice and a tool that helps to search server logs for evidence of a compromise. And in a rare statement, the White House’s National Security Council warned that patching alone “is not remediation,” and urged businesses to “take immediate measures.”

How that advice trickles down to smaller businesses will be watched carefully.

Cybersecurity expert Runa Sandvik said many victims, including the mom-and-pop shops, may not even know they are affected, and even if they realize they are, they’ll need step-by-step guidance on what to do next.

“Defending against a threat like this is one thing, but investigating a potential breach and evicting the actor is a larger challenge,” said Sandvik. “Companies have people who can install patches — that’s the first step — but figuring out if you’ve been breached requires time, tools, and logs.”

Security experts say Hafnium primarily targets U.S. businesses, but that the attacks are global. Europe’s banking authority is one of the largest organizations to confirm its Exchange email servers were compromised by the attack.

Norway’s national security authority said that it has “already seen exploitation of these vulnerabilities” in the country and that it would scan for vulnerable servers across Norway’s internet space to notify their owners. Slovenia’s cybersecurity response unit, known as SI-CERT, said in a tweet that it too had notified potential victims in its internet space.

Sandvik said the U.S. government and private sector could do more to better coordinate the response, given the broad reach into U.S. businesses. CISA proposed new powers in 2019 to allow the agency to subpoena internet providers to identify the owners of vulnerable and unpatched systems. The agency just received those new powers in the government’s annual defense bill in December.

“Someone needs to own it,” said Sandvik.


Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using SecureDrop.

#banking, #china, #cisa, #computer-security, #computing, #cryptography, #cyberattack, #cybercrime, #cyberwarfare, #europe, #fireeye, #government, #law-firms, #microsoft, #norway, #russia, #security, #tor, #united-states, #vulnerability, #zero-day

0

Identiq, a privacy-friendly fraud prevention startup, secures $47M at Series A

Israeli fraud prevention startup Identiq has raised $47 million at Series A as the company eyes international growth, driven in large part by the spike in online spending during the pandemic.

The round was led by Insight Partners and Entrée Capital, with participation from Amdocs, Sony Innovation Fund by IGV, as well as existing investors Vertex Ventures Israel, Oryzn Capital, and Slow Ventures.

Fraud prevention is big business, which is slated to be worth $145 billion by 2026, ballooning by eightfold in size compared to 2018. But it’s a data hungry industry, fraught with security and privacy risks, having to rely on sharing enormous sets of consumer data in order to learn who legitimate customers are in order to weed out the fraudsters, and therefore.

Identiq takes a different, more privacy-friendly approach to fraud prevention, without having to share a customer’s data with a third-party.

“Before now, the only way companies could solve this problem was by exposing the data they were given by the user to a third party data provider for validation, creating huge privacy problems,” Identiq’s chief executive Itay Levy told TechCrunch. “We solved this by allowing these companies to validate that the data they’ve been given matches the data of other companies that already know and trust the user, without sharing any sensitive information at all.”

When an Identiq customer — such as an online store — sees a new customer for the first time, the store can ask other stores in Identiq’s network if they know or trust that new customer. This peer-to-peer network uses cryptography to help online stores anonymously vet new customers to help weed out bad actors, like fraudsters and scammers, without needing to collect private user data.

So far, the company says it already counts Fortune 500 companies as customers.

Identiq said it plans to use the $47 million raise to hire and grow the company’s workforce, and aims to scale up its support for its international customers.

#articles, #cryptography, #customer-data, #digital-rights, #entree-capital, #human-rights, #identity-management, #insight-partners, #marketing, #online-shopping, #online-stores, #peer-to-peer, #privacy, #security, #slow-ventures, #sony, #sony-innovation-fund, #startups, #terms-of-service, #vertex-ventures

0

Microsoft says China-backed hackers are exploiting Exchange zero-days

Microsoft is warning customers that a new China state-sponsored threat actor is exploiting four previously undisclosed security flaws in Exchange Server, an enterprise email product built by the software giant.

The technology company said Tuesday that it believes the hacking group, which it calls Hafnium, tries to steal information from a broad range of U.S.-based organizations, including law firms and defense contractors, but also infectious disease researchers and policy think tanks.

Microsoft said Hafnium used the four newly discovered security vulnerabilities to break into Exchange email servers running on company networks, granting the attackers to steal data from a victim’s organization — such as email accounts and address books — and the ability to plant malware. When used together, the four vulnerabilities create an attack chain that can compromise vulnerable servers running on-premise Exchange 2013 and later.

Hafnium operates out of China, but uses servers located in the U.S. to launch its attacks, the company said. Microsoft said that Hafnium was the only threat group it has detected using these four new vulnerabilities.

Microsoft declined to say how many successful attacks it had seen, but described the number as “limited.”

Patches to fix those four security vulnerabilities are now out, a week earlier than the company’s typical patching schedule, usually reserved for the second Tuesday in each month.

“Even though we’ve worked quickly to deploy an update for the Hafnium exploits, we know that many nation-state actors and criminal groups will move quickly to take advantage of any unpatched systems,” said Tom Burt, Microsoft’s vice president for customer security.

The company said it has also briefed U.S. government agencies on its findings, but that the Hafnium attacks are not related to the SolarWinds-related espionage campaign against U.S. federal agencies. In the last days of the Trump administration, the National Security Agency and the FBI said that the SolarWinds campaign was “likely Russian in origin.”

#china, #computer-security, #computing, #cryptography, #cyberattack, #cybercrime, #cyberwarfare, #defense-contractors, #federal-bureau-of-investigation, #internet-security, #law-firms, #microsoft, #national-security-agency, #security, #software, #solarwinds, #technology, #threat, #trump-administration, #u-s-government, #united-states, #vulnerability

0

Jamaica’s Amber Group fixes second JamCOVID security lapse

Amber Group has fixed a second security lapse that exposed private keys and passwords for the government’s JamCOVID app and website.

A security researcher told TechCrunch on Sunday that the Amber Group left a file on the JamCOVID website by mistake, which contained passwords that would have granted access to the backend systems, storage, and databases running the JamCOVID site and app. The researcher asked not to be named for fears of legal repercussions from the Jamaican government.

This file, known as an environment variables (.env) file, is often used to store private keys and passwords for third-party services that are necessary for cloud applications to run. But these files are sometimes inadvertently exposed or uploaded by mistake, but can be abused to gain access to data or services that the cloud application relies on if found by a malicious actor.

The exposed environmental variables file was found in an open directory on the JamCOVID website. Although the JamCOVID domain appears to be on the Ministry of Health’s website, Amber Group controls and maintains the JamCOVID dashboard, app, and website.

The exposed file contained secret credentials for the Amazon Web Services databases and storage servers for JamCOVID. The file also contained a username and password to the SMS gateway used by JamCOVID to send text messages, and credentials for its email-sending server. (TechCrunch did not test or use any of the passwords or keys as doing so would be unlawful.)

A portion of the exposed credentials found on the JamCOVID website, controlled and maintained by Amber Group. (Image: TechCrunch)

TechCrunch contacted Amber Group’s chief executive Dushyant Savadia to alert the company to the security lapse, who pulled the exposed file offline a short time later. We also asked Savadia, who did not comment, to revoke and replace the keys.

Matthew Samuda, a minister in Jamaica’s Ministry of National Security, did not respond to a request for comment or our questions — including if the Jamaican government plans to continue its contract or relationship with Amber Group, and what — if any — security requirements were agreed upon by both the Amber Group and the Jamaican government for the JamCOVID app and website?

Details of the exposure comes just days after Escala 24×7, a cybersecurity firm based in the Caribbean, claimed that it had found no vulnerabilities in the JamCOVID service following the initial security lapse.

Escala’s chief executive Alejandro Planas declined to say if his company was aware of the second security lapse prior to its comments last week, saying only that his company was under a non-disclosure agreement and “is not able to provide any additional information.”

This latest security incident comes less than a week after Amber Group secured a passwordless cloud server hosting immigration records and negative COVID-19 test results for hundreds of thousands of travelers who visited the island over the past year. Travelers visiting the island are required to upload their COVID-19 test results in order to obtain a travel authorization before their flights. Many of the victims whose information was exposed on the server are Americans.

One news report recently quoted Amber’s Savadia as saying that the company developed JamCOVID19 “within three days.”

Neither the Amber Group nor the Jamaican government have commented to TechCrunch, but Samada told local radio that it has launched a criminal investigation into the security lapse.


Send tips securely over Signal and WhatsApp to +1 646-755-8849. You can also send files or documents using our SecureDrop. Learn more

#amazon-web-services, #caribbean, #cloud-applications, #cloud-computing, #cloud-infrastructure, #cryptography, #government, #operating-systems, #password, #securedrop, #security, #signal, #sms, #software

0

Base Operations raises $2.2 million to modernize physical enterprise security

Typically when we talk about tech and security, the mind naturally jumps to cybersecurity. But equally important, especially for global companies with large, multinational organizations, is physical security – a key function at most medium-to-large enterprises, and yet one that to date, hasn’t really done much to take advantage of recent advances in technology. Enter Base Operations, a startup founded by risk management professional Cory Siskind in 2018. Base Operations just closed their $2.2 million seed funding round, and will use the money to capitalize on its recent launch of a street-level threat mapping platform for use in supporting enterprise security operations.

The funding, led by Good Growth Capital and including investors like Magma Partners, First In Capital, Gaingels and First Round Capital founder Howard Morgan, will be used primarily for hiring, as Base Operations looks to continue its team growth after doubling its employe base this past month. It’ll also be put to use extending and improving the company’s product, and growing the startup’s global footprint. I talked to Siskind about her company’s plans on the heels of this round, as well as the wider opportunity and how her company is serving the market in a novel way.

“What we do at Base Operations is help companies keep their people in operation secure with ‘Micro Intelligence,’ which is street-level threat assessments that facilitate a variety of routine security tasks in the travel security, real estate and supply chain security buckets,” Siskind explained. “Anything that the Chief Security Officer would be in charge of, but not cyber – so anything that intersects with the physical world.”

Siskind has first-hand experience about the complexity and challenges that enter into enterprise security, since she began her career working for global strategic risk consultancy firm Control Risks in Mexico City. Because of her time in the industry, she’s keenly aware of just how far physical and political security operations lag behind their cybersecurity counterparts. It’s an often-overlooked aspect of corporate risk management, particularly since in the past it’s been something that most employees at North American companies only ever encounter periodically, when their roles involve frequent travel. The events of the past couple of years have changed that, however.

“This was the last bastion of a company that hadn’t been optimized by a SaaS platform, basically, so there was some resistance and some allegiance to legacy players,” Siskind told me. “However, the events of 2020 sort of turned everything on its head, and companies realized that the security department ,and what happens in the physical world, is not just about compliance – it’s actually a strategic advantage to invest in those sort of services, because it helps you maintain business continuity.”

The COVID-19 pandemic, increased frequency and severity of natural disasters, and global political unrest all had significant impact on businesses worldwide in 2020, and Siskind says that this has proven a watershed moment in how enterprises consider physical security in their overall risk profile and strategic planning cycles.

“[Companies] have just realized that if you don’t invest and how to keep your operations running smoothly in the face of rising catastrophic events, you’re never going to achieve the the profits that you need, because it’s too choppy, and you have all sorts of problems,” she said.

Base Operations addresses this problem by taking available data from a range of sources and pulling it together to inform threat profiles. Their technology is all about making sense of the myriad stream of information we encounter daily – taking the wash of news that we sometimes associate with ‘doom-scrolling’ on social media, for instance, and combining it with other sources using machine learning to extrapolate actionable insights.

Those sources of information include “government statistics, social media, local news, data from partnerships, like NGOs and universities,” Siskind said. That data set powers their Micro Intelligence platform, and while the startup’s focus today is on helping enterprises keep people safe, while maintaining their operations, you can easily see how the same information could power everything from planning future geographical expansion, to tailoring product development to address specific markets.

Siskind saw there was a need for this kind of approach to an aspect of business that’s essential, but that has been relatively slow to adopt new technologies. From her vantage point two years ago, however, she couldn’t have anticipated just how urgent the need for better, more scalable enterprise security solutions would arise, and Base Operations now seems perfectly positioned to help with that need.

#artificial-intelligence, #computer-security, #cryptography, #data-security, #enterprise, #first-round-capital, #funding, #law-enforcement, #machine-learning, #magma-partners, #malware, #mexico-city, #real-estate, #risk-management, #saas, #security, #security-guard, #social-media, #startup, #tc

0

Crypto-currency pioneer Diana Biggs joins digital assets startup Valour as its new CEO

Crypto-currency pioneer and early Bitcoin thought-leader Diana Biggs has joined Swiss-based startup Valour, which lets investors easily buy digital assets through their bank or broker. The move is significant with the news that Tesla has bought $1.5 billion worth of Bitcoin, thus massively boosting the mainstream markets for crypto assets. Biggs explored the potential for blockchain technology to help solve humanitarian challenges through her venture, Proof of Purpose, in 2017, and her TEDx speech on Blockchain Technology that year is considered by many in the blockchain space to be one of the best in the genre.

Valour, a Zug, Switzerland-based issuer of investment products, brought in Biggs, the former Private Banking Global Head of Innovation for HSBC, as CEO after recently launching Bitcoin Zero, a fee-free, digital asset ETP product, which trades on the NGM stock exchange.

Biggs, who has been in the Bitcoin space since 2013 told TechCrunch: “I have never seen this much attention to Bitcoin and other crypto-assets… The time for decentralized technologies has arrived, and their potential is increasingly realized by institutional investors.”

Johan Wattenström, the founder of Valour, said: “Diana is the perfect candidate to lead the company through this next phase of growth and expansion. With a wealth of experience in traditional finance, as well as fintech, and her vision for bringing digital assets into the mainstream, we feel very lucky to have her on board.” Wattenström created and listed the digital asset ETP on Nasdaq Nordic, in 2015.

Biggs is an Associate Fellow at the University of Oxford’s Saïd Business School and served as Head Tutor for their Blockchain Strategy Programme from 2018 to 2020. She is on the Board of the World Economic Forum’s Digital Leaders of Europe community and is a member of the Milken Institute’s Young Leaders Circle. Prior to joining Valour, Biggs was Global Head of Innovation for HSBC Private Banking, where she led on fintech partnerships and driving open innovation.

#bank, #bitcoin, #broker, #ceo, #cryptocurrencies, #cryptography, #currency, #digital-currencies, #europe, #finance, #founder, #switzerland, #tc, #tesla, #world-economic-forum, #zug

0

Israeli startup CYE raises $100M to help companies shore up their cyber-defenses

Cybersecurity startup CYE has raised $100 million in a new growth round, led by investment firm EQT and with participation from 83North.

CYE was founded in 2012 by Reuven Aronashvili to help companies shore up their security posture. It does this in large part by conducting offensive operations against their customers — with their explicit consent — to find weaknesses in their network defenses before malicious hackers do. The company also provides incident response and security consultants, as well as its flagship product, Hyver, which helps companies assess their entire network and assets.

It’s a bet that’s working: CYE says it has been profitable since it was founded, and has customers in the Fortune 500. The company has presence in London, and recently opened a New York office.

CYE’s chief marketing officer Sharon Argov told TechCrunch that the company will use the $100 million investment to expand its operations, invest in research and development, sales and marketing, and plans to double its 80-person workforce.

Aronashvili said in remarks that the company is “laser-focused on building a company that fundamentally changes the way organizations approach cybersecurity, enabling them to accurately assess the most urgent threats to their business.”

#computer-security, #computing, #cryptography, #cybercrime, #data-protection, #data-security, #eqt, #laser, #london, #malware, #new-york, #security, #technology

0

Divers recover a WWII Code Machine from the Baltic Sea

A deep-sea diver examines a heavily encrusted piece of machinery on the seabed.

Enlarge (credit: Reuters/Christian Howe)

When Nazi naval officers tossed their ship’s Enigma encryption machine overboard, they probably thought they were putting the device beyond anyone’s reach. Blissfully unaware that Allied cryptanalysts in Poland and at Bletchley Park in the UK had broken the Enigma code, the Nazis had standing orders to destroy their encryption devices to keep them out of Allied hands. Eighty years later, divers found the once-secret device tangled in an abandoned fishing net on the seafloor, and now it’s set to be put on display for everyone to see. LOL, Nazis pwned.

Research diver Florian Huber and his colleagues were trying to clear abandoned fishing nets from the Bay of Gelting, on the Baltic Sea near the German-Danish border, when they found the artifact. Derelict nets and other discarded fishing gear can still entangle fish, sea turtles, diving birds, and marine mammals like seals and dolphins. The World Wildlife Fund had hired the divers to clear them in November 2020.

“A colleague swam up and said ‘There’s a net there with an old typewriter in it,” Huber told the DPA news agency.

Read 7 remaining paragraphs | Comments