Categories
News

Investors and startups are seeking ways to entertain and protect kids online

As streaming services like HBO Max, Netflix and Disney+ plus vie for subscription dollars and YouTube, Xumo, Kanopy, Tubi TV, Vudu and Pluto TV try to take more ad revenue from traditional television, entertainment for kids — and the tech tools that manage their screen time — are becoming more important.

On the streaming side, Netflix has been marshaling its resources for months, poaching talent like Chris Nee, creator of the “Doc Mcstuffins” Disney Channel series, Naketha Mattocks (“The Descendants”) and Kenny Ortega (“High School Musical”) — to join its stable of creative talent. HBO Max locked in several years of “Sesame Street” shows, which will be available when its service launches in May. Finally, there’s Disney+, which has racked up 28.6 million subscribers for its service as of February 3.

Disney+ already has 28.6M subscribers

Recognizing the threat, ad-supported platforms are coming up with their own responses. Some of these platforms also stream the same programs that are available on the subscription services, but as exclusivity becomes more important, audiences and entertainers can expect platforms like YouTube, Facebook and others to spend more heavily on original shows that attract younger audiences.

For instance, Facebook intends to spend $1.4 billion on programming for its Facebook Watch service, according to a report in The Information.

Read more: feedproxy.google.com

Categories
Software

Open Cybersecurity Alliance announces new language for connecting cybersecurity tools

The Open Cybersecurity Alliance (OCA) announced the availability of OpenDXL Ontology, its open-source language for connecting cybersecurity tools through a common messaging framework. 

“With open source code freely available to the security community, OpenDXL Ontology enables any tool to automatically gain the ability to communicate and interoperate with all other technologies using this language,” the OCA explained in a post.

RELATED CONTENT: ‘Security debt’ focus of 2019 State of Software Security report

OpenDXL Ontology is based on the Open Data Exchange Layer (OpenDXL), an open messaging framework to develop and share integrations with other tools. With the release of the language, the alliance can provide a single, common solution for notifications, information, actions and communicating with other tools. In addition, it  provides companies with a set of tooling that can be applied once and automatically reused everywhere across all product categories, while also eliminating the need to update integrations as product versions and functionalities change

“For example, if a certain tool detects a compromised device, it could automatically notify all other tools and even quarantine that device using a standard message format readable by all. While previously this was only possible with custom integrations between individual products, it will now be automatically enabled between all tools that adopt OpenDXL Ontology,” according to the alliance.

The OCA community said it is currently collaborating on GitHub and Slack to further new open-source code and use-cases for cybersecurity industry interoperability. The OCA will continue development for both STIX Shifter, an out-of-the-box search capability for security products of all types, and OpenDXL Ontology.

“The adoption of OpenDXL Ontology will help create a stronger, united front to defend and protect across all types of security tools, while reducing the burden of point integrations between individual products,” the OCA wrote. 

The alliance also announced the formation of a technical steering committee to help drive the technical direction and development of the organization. Members of the committee include leaders from AT&T, IBM Security, McAfee, Packet Clearinghouse and Tripwire.

The post Open Cybersecurity Alliance announces new language for connecting cybersecurity tools appeared first on SD Times.

Read more: sdtimes.com

Categories
News

Rallyhood exposed a decade of users’ private data

Rallyhood says it’s “private and secure.” But for some time, it wasn’t.

The social network designed to help groups communicate and coordinate left one of its cloud storage buckets containing user data open and exposed. The bucket, hosted on Amazon Web Services (AWS), was not protected with a password, allowing anyone who knew the easily-guessable web address access to a decade’s worth of user files.

Rallyhood boasts users from Girl Scout and Boy Scout troops, and Komen, Habitat for Humanities, and YMCA factions. The company also hosts thousands of smaller groups, like local bands, sports teams, art clubs, and organizing committees. Many flocked to the site after Rallyhood said it would help migrate users from Yahoo Groups, after Verizon (which also owns TechCrunch) said it would shut down the discussion forum site last year.

The bucket contained group data as far back to 2011 up to and including last month. In total, the bucket contained 4.1 terabytes of uploaded files, representing millions of users’ files.

Some of the files we reviewed contained sensitive data, like shared password lists and contracts or other permission slips and agreements. The documents also included non-disclosure agreements and other files that were not intended to be public.

Where we could identify contact information of users whose information was exposed, TechCrunch reached out to verify the authenticity of the data.

A security researcher who goes by the handle Timeless found the exposed bucket and informed TechCrunch, so that the bucket and its files could be secured.

When reached, Rallyhood chief technology officer Chris Alderson initially claimed that the bucket was for “testing” and that all user data was stored “in a highly secured bucket,” but later admitted that during a migration project, “there was a brief period when permissions were mistakenly left open.”

It’s not known if Rallyhood plans to warn its users and customers of the security lapse. At the time of writing, Rallyhood has made no statement on its website or any of its social media profiles of the incident.

Stop saying, ‘We take your privacy and security seriously’


Read more: feedproxy.google.com

Categories
Software

Microsoft releases Threat Protection with support for iOS and Android

Microsoft has announced the general availability of its cybersecurity solution. Microsoft Threat Protection (MTP) is designed to provide security checks across users, emails, applications, and endpoints. The solution alerts users and takes action using AI so that security professionals can automatically detect, investigate, and stop coordinated multi-point attacks, Microsoft explained

In addition, it weeds out the unimportant and amplifies signals that might have been missed, freeing defenders to work on the incidents that need their attention, according to Microsoft. 

The company explained that previous security solutions are designed to protect against threats for each domain separately, but now threat detection with built-in intelligence can understand how an attack got in, prevent its spread across domains, and automatically heal compromised assets. 

“The world is indeed getting more complicated, but the public cloud combined with human expertise and industry collaboration are delivering innovation that gives the advantage back to the defenders of cyberspace. We have never been more optimistic about the potential for technology to support and scale your most precious cybersecurity assets – your people,” Microsoft wrote in a blog post.

The AI capabilities built into Microsoft Security solutions are trained on 8 trillion daily threat signals and the insights of 3,500 security experts. Custom algorithms and machine learning models make, and learn from, billions of queries every day, according to Microsoft.

“The Threat Analytics report in MTP provides an exposure view and recommends the customer apply the appropriate Outlook security patch that will prevent this attack from recurring,” Microsoft wrote. 

MTP currently supports Linux, with plans to support iOS and Android.

The post Microsoft releases Threat Protection with support for iOS and Android appeared first on SD Times.

Read more: sdtimes.com

Categories
News

China Roundup: Amid coronavirus, tech firms offer ways to maintain China’s lifeblood

Hello and welcome back to TechCrunch’s China Roundup, a digest of recent events shaping the Chinese tech landscape and what they mean to people in the rest of the world. The coronavirus outbreak is posing a devastating impact on people’s life and the economy in China, but there’s a silver lining that the epidemic might have benefited a few players in the technology industry as the population remains indoors.

The SARS (severe acute respiratory syndrome) virus that infected thousands and killed hundreds in China back in 2002 is widely seen as a catalyst for the country’s fledgling e-commerce industry. People staying indoors to avoid contracting the deadly virus flocked to shop online. Alibaba’s Taobao, an eBay-like digital marketplace, notably launched at the height of the SARS outbreak.

“Although it sickened thousands and killed almost eight hundred people, the outbreak had a curiously beneficial impact on the Chinese internet sector, including Alibaba,” wrote China internet expert Duncan Clark in his biography of Alibaba founder Jack Ma.

Nearly two decades later, as the coronavirus outbreak sends dozens of Chinese cities into various kinds of lockdown, tech giants are again responding to fill consumers’ needs amid the crisis. Others are providing digital tools to help citizens and the government battle the disease.

According to data from analytics company QuestMobile, Chinese people’s average time spent on the mobile internet climbed from 6.1 hours a day in January, to 6.8 hours a day during Chinese New Year, to an astounding daily usage of 7.3 hours post-holiday as businesses delay returning to the office or resuming on-premises operation.

Here’s a look at what some of them are offering.

Remote work apps: Boom and crash

China’s enterprise software industry has been slow to take off in comparison to the West, though it’s slowly picking up steam as the country’s consumer-facing industry becomes crowded, prompting investors and tech behemoths to bet on more business-oriented services. Now remote work apps are witnessing a boom as millions are confined to working from home.

The online education sector is experiencing a similar uptick as schools nationwide are suspended, according to data from research firm Sensor Tower.

The main players trying to tap the nationwide work-from-home practice are Alibaba’s DingTalk, Tencent’s WeChat Work, and ByteDance’s Lark. App rankings compiled  by Sensor Tower show that all three apps experienced significant year-over-year growth in downloads from January 22 through February 20, though their user bases vary greatly:

DingTalk: 1,446%

Lark: 6,085%

WeChat Work: 572%

DingTalk, launched in 2014 by an Alibaba team after its failed attempt to take on WeChat, shot up to the most-downloaded free iOS app in China in early February. The app claimed in August that more than 10 million enterprises and over 200 million individual users had registered on its platform.

Dingtalk became China’s most-downloaded free iOS app mid the coronavirus outbreak. Data: Sensor Tower

WeChat’s enterprise version WeChat Work, born in 2016, trailed closely behind DingTalk, rising to second place among free iOS apps in the same period. In December, WeChat Work announced it had logged more than 2.5 million enterprises and some 60 million active users.

Lark, launched only in 2019, pales in comparison to its two predecessors, hovering around the 300th mark in early February. Nonetheless, Lark appears to be making a big user acquisition push recently by placing ads on its sibling Douyin, TikTok’s China version. Douyin has emerged as a marketing darling as advertisers rush to embrace vertical, short videos, and Lark can certainly benefit from exposure on the red-hot app. WeChat, despite its colossal one-billion monthly user base, has remained restrained in ad monetization.

The question is whether the sudden boom will develop into a sustainable growth trend for these apps. System crashes on DingTalk and WeChat Work due to user influx at the start of the remote working regime might suggest that neither had projected such traffic volumes on its growth curve. After all, most businesses are expected to resume in-person communication when safety conditions are ensured.

Indeed, the work-from-home model has been widely ill-received by employees who are frustrated with intrusive company rules like “keep your webcam on while working from home.” In a more unexpected turn, DingTalk suffered from a backlash after it added tools to host online classes for students. Resentful that the app had spoiled their extended holiday, young users flooded to give DingTalk one-star ratings.

Face mask algorithms

To curb the spread of the virus, local governments in China have mandated people to wear masks in public, posing a potential challenge to the country’s omnipresent facial recognition-powered identity checks. But the technologies necessary to handle the situation is already in place, such as iris scanning.

Travelers whom I spoke to reported they are now able to pass through train station security without taking their masks off — which could sound an alarm to privacy-conscious individuals. But it’s unclear whether the change is due to more advanced forms of biometrics technologies or that the authority had temporarily loosened security on low-risk individuals. People still have to scan their ID cards before getting their biometrics verified and travelers whose identities have been flagged could trigger stricter screening, people familiar with China’s AI industry told me. They added that the latter case is more probable, for it will take time to implement a nationwide infrastructure upgrade.

Digital passes

Local governments have also introduced tools for people to attain digital records of their travel history, which has become some sort of permit to go about their daily life, be it returning to work, their apartment, or even the city they live in.

One example is web-based app Close Contact Detector developed by a state-owned company. Users can obtain a record of their travel history by opting to submit their names, ID numbers and phone numbers. So far the app has drawn more scorn than praise for containing the virus, bringing people to the questions: If the government already has a grip on people’s travel history, why didn’t it react earlier to restrict the free flow of travelers? Why did it only introduce the service a few weeks after the first big outbreak?

All of this could point to the challenge of collecting and consolidating citizen data across departments and regions, despite China’s ongoing efforts to encourage the use of social credits nationwide through the use of real-name registration and big data. The health crisis appears to have accelerated this data-unification process. The pressing question is how the government will utilize these data following the outbreak.

Eg migrants who’d been in Hubei slipped through the cracks while 10s of thousands Hubeiren outside the province are left stranded (what’s all that use of SIM card location tracking +face scans?) and SH gov’t late to disclose affected neighborhoods (data supposedly easy to attain)

— Rita Liao (@ritacyliao) February 12, 2020

Many of these digital permits are powered by WeChat on the merit of the messenger’s ubiquity and broad-ranging functions in Chinese society. In Shenzhen, where WeChat’s parent Tencent is headquartered, cars can only enter the city after the drivers use WeChat to scan a QR code hung by a drone — for the obvious reason to avoid contact with checkpoint officers — and digitally file their travel history.

Photo: Xinhua News

Citizen reporting

As the fast-spreading virus fuels rumors, individual citizens are playing an active role in combating misinformation. Dxy.cn (丁香园), an online community targeting medical professionals, responded swiftly with a fact-checking feature dedicated to the coronavirus and a national map tracking the development of the outbreak in real time.

Yikuang, the brainchild of several independent developers and app review site Sspai.com, is one of the first WeChat-based services to map neighborhoods with confirmed cases using official data from local governments.

Young citizens have also joined in. A Shanghai-based high school senior and his peers launched a blog that provides Chinese summaries of coronavirus coverage from news organizations around the world.

Dining and entertainment

The nationwide lockdown is almost guaranteed a boon to online entertainment. The short video sector recorded 569 million daily active users in the post-holiday period, far exceeding 492 million on a regular daily basis, shows QuestMobile. Video streaming sites are gathering musicians to virtually perform and movies are premiering online as the virus forces live venues and cinemas to shut.

Many Chinese cities have gone as far as to ban eating in restaurants during the epidemic, putting the burden on food and grocery delivery services. To ensure safety, delivery companies have devised ways to avoid human interaction, such as Meituan Dianping’s “contactless” solution, which is in effect a self-served cabinet to temporarily store food orders awaiting customer pickup.

China’s food delivery company @meituan launched this “contactless” service that provides zero physical contact between customers and delivery folks amid #coronavirus pic.twitter.com/6BPXPPnI0K

— Keith Zhai (@QiZHAI) February 3, 2020


Read more: feedproxy.google.com

Categories
Software

New surveys provide insight into programming languages Nim and Clojure

The results of both the Nim and Clojure community surveys are both in, providing some insight into how the community interacts with each language.

Nim is a programming language that compiles to C, C++, and JavaScript, while Clojure is a dialect of Lisp on the Java platform. 

According to the Nim survey, which garnered 908 responses, the majority of respondents use Nim, but only occasionally. Forty-one percent said they use Nim once every few weeks, 24.8% said they have never used it, 23.2% said they use it frequently, and 10.6% percent said they used to use Nim but don’t anymore.

Among those that don’t use Nim, reasons for not using it are that it doesn’t have the right libraries (30%), it is perceived as immature and not ready for production (26%), it is perceived as too risky for production (20%), and it doesn’t have enough learning materials (19%). For those who stopped using Nim, reasons include lack of libraries, incomplete documentation, bad editor support, and that coworkers don’t use it. 

In addition, about half of the respondents only recently started using Nim, stating that they started within the past six months. Most Nim users are from Europe. About half of the respondents are European, 27.6% are from North America, and 12% are from Asia. 

Clojure sees increased use in work environments
The Clojure survey revealed that there is a growing use of Clojure for work projects, the highest percentage since the first survey in 2010. Work use is followed by hobby, tinkering, and studies. 

“In 2010, most users had been using Clojure for just weeks or months, and few were using it as a language for serious work. This year, we see consistent and growing use for work, steady interest in the key value propositions of Clojure, and an ever-evolving community of users,” the Clojure team wrote in the survey results

They also saw an increase in companies size of those using Clojure. There was a 3% increase in companies greater than 1000 employees, while there was a reduction in companies that are less than 10 employees.  

The top uses for Clojure this year were web dev, open source projects, commercial services, and enterprise apps. The results haven’t changed much over the years they’ve been surveying, except for there was an increase in usage for enterprise apps this year. 

In addition, the most valued elements to Clojure users include functional programming, the REPL, immutable data, ease of development, and host interoperability. 

They also surveyed developers about how they communicate with other Clojure developers. Most used Slack, followed by the r/clojure subreddit, StackOverflow, YouTube, a local Clojure meetup, and others. 

The post New surveys provide insight into programming languages Nim and Clojure appeared first on SD Times.

Read more: sdtimes.com

Categories
News

Do phones need to fold?

As Samsung (re)unveiled its clamshell folding phone last week, I kept seeing the same question pop up amongst my social circles: why?

I was wondering the same thing myself, to be honest. I’m not sure even Samsung knows; they’d win me over by the end, but only somewhat. The halfway-folded, laptop-style “Flex Mode” allows you to place the phone on a table for hands-free video calling. That’s pretty neat, I guess. But… is that it?

The best answer to “why?” I’ve come up with so far isn’t a very satisfying one: Because they can (maybe). And because they sort of need to do something.

Let’s time-travel back to the early 2000s. Phones were weird, varied and no manufacturers really knew what was going to work. We had basic flip phones and Nokia’s indestructible bricks, but we also had phones that swiveled, slid and included chunky physical keyboards that seemed absolutely crucial. The Sidekick! LG Chocolate! BlackBerry Pearl! Most were pretty bad by today’s standards, but it was at least easy to tell one model from the next.

(Photo by Kim Kulish/Corbis via Getty Images)

Then came the iPhone in 2007; a rectangular glass slab defined less by physical buttons and switches and more by the software that powered it. The device itself, a silhouette. There was hesitation to this formula, initially; the first Android phones shipped with swiveling keyboards, trackballs and various sliding pads. As iPhone sales grew, everyone else’s buttons, sliders and keyboards were boiled away as designers emulated the iPhone’s form factor. The best answer, it seemed, was a simple one.

Twelve years later, everything has become the same. Phones have become… boring. When everyone is trying to build a better rectangle, the battle becomes one of hardware specs. Which one has the fastest CPU? The best camera?

Read more: feedproxy.google.com

Categories
Software

Google announces first developer preview of Android 11

The Android team is revealing its plans for the next version of its operating system. The first developer preview of Android 11 is now out and features new capabilities for foldable phones, 5G, call-screening, and machine learning. 

Developers can download the system image for Pixel 2, 3, 3a or 4 devices. 

“Android has led the way towards the future of mobile, with new technologies like 5G to foldable displays to machine learning built into the core. A hallmark of our approach is a strong developer community that provides early and thoughtful feedback, helping us deliver a robust platform for apps and games that delight billions of users around the world,” Dave Burke, vice president of engineering at Google, wrote in a post

For 5G experiences, Android 11 will feature a dynamic meteredness API to check whether connection is unmetered, and a bandwidth estimator API to check the downstream/upstream bandwidth. 

For new screen types, the team is adding and updating APIs for apps to use pinhole screens or waterfall screens. 

The release also focuses on security and privacy with one-time permission, scoped storage, expanded biometrics support, platform hardening, secure storage and sharing of data, and identity credentials.  

Other features include a dedicated conversations section, bubbles for multi-tasking on phones, insert images into notification repliceand a neural networks API 1.3.

In order to make updates faster, the team will also be working on minimizing the impact of behavior changes and simplify testing and debugging. 

“Developers also told us that preparing for early app compatibility was a challenge without a clear date for final changes. So in Android 11 we’re adding a new release milestone called “Platform Stability”, which we expect to reach in early June. This milestone includes not only final SDK/NDK APIs, but also final internal APIs and system behaviors that may affect apps,” Burke wrote. 

The post Google announces first developer preview of Android 11 appeared first on SD Times.

Read more: sdtimes.com

Categories
News

Sensors are the next big thing in space, not starships

Understanding the opportunities available in the space industry — especially for early-stage companies and new founders — isn’t easy.

The pool of people who have deep aerospace technical expertise isn’t huge, and like any community that requires a high degree of specialist knowledge, it’s a tightly-knit field that relies on social connections. But space is increasingly opening up, and we’ve already reached a point where the most valuable new entrants might come from industries that aren’t specifically aerospace or aerospace-adjacent.

In fact, we could be reaching a stage where the parts of the space industry requiring actual rocket scientists are more or less saturated, while the real boon is set to come from crossover talent that develops new ways to leverage innovations in other areas on space-based operating platforms.

“We have enough low-Earth launch vehicles, we have enough rockets,” Bessemer VP Tess Hatch told me in an interview at the FAA’s Commercial Space Transportation Conference last month. “In 2020, we have even more coming online and a lot of the ‘fantasy’ ones [an industry term used to describe spacecraft that have been conceived and designed but not yet flown] are planning to launch, and I think maybe one of them will come to fruition.”

Hatch says she still sees much of the demand side of the industry cluster around existing and proven suppliers, even if new entrants, including Astra and Firefly, actually begin flying their rockets this year, as both have been planning. Companies like Rocket Lab (in which her company has a stake) will increase their volume and cadence and benefit from having a proven track record, taking up a lot of the growth in launch vehicle demand. “I don’t think there’s room for any more rockets in the industry,” she said.

Instead, Hatch is looking to payload variety and innovation as the next big thing in space tech. Satellites are becoming increasingly commoditized, and companies like Rocket Lab are looking to take this further by providing a satellite platform (Proton) as part of its launch offering. There’s still immaturity in the small-satellite supply chain, which is what led small-satellite operator Kepler to build its own, but the bigger opportunity isn’t in building satellites — it’s in equipping them with new, improved and radically redesigned sensors to gather new kinds of data and provide new kinds of services.

Read more: feedproxy.google.com

Categories
Software

Report: The benefits of open-source software go beyond cost

Open-source adoption is not slowing down within enterprises. A recent report found 95% of enterprises are taking open source seriously, with 75% of them reporting that open-source software is extremely important to their IT strategies. That number is up from 69% last year.

The 2020 State of Enterprise Open Source by Red Hat is based off of 950 interviews conducted with IT leaders worldwide. 

“For our second annual report, we wanted to know more. With 95% of IT leaders agreeing that enterprise open source is important to their enterprise infrastructure software strategy, it’s safe to say we don’t need to ask ‘if’ anymore. We need to ask ‘why’ and ‘how,’” Jim Whitehurst, president and CEO of Red Hat, wrote in the report. 

RELATED CONTENT: Creating companies that sustain our open-source community

The report also found that the amount of enterprises looking to increase their use of enterprise open-source software grew from 59% to 77% this year. In comparison, proprietary software adoption is declining. Last year, about 55% of respondents reported using proprietary software. This year, that number is at 42% and Red Hat expects it to go down to 32% in the next two years. 

“Maybe it doesn’t surprise you that proprietary software is losing favor—expensive and inflexible proprietary software licenses result in high capital expenditures (CapEx) and vendor lock-in. However, the rate at which organizations are abandoning proprietary software is notable, especially given how slowly change usually comes to the enterprise software space,” the report stated. 

The top areas where open-source software is being applied within the enterprise are security, cloud, database, and big data and analytics. Enterprises are also looking to leverage open source for IT infrastructure modernization, application development, and DevOps.

“When asked to choose the top three benefits of enterprise open source, the IT leaders we surveyed highlighted three areas. The first was the quality and security of the software. In other words, traditional enterprise software attributes. The second was forward-looking capabilities. So benefits like access to the latest innovations and working with cloud-native technologies. The third was lower cost of ownership,” Gordon Haff, technology evangelist at Red Hat, told SD Times. 

However, despite the growth and interest in open source, there still are challenges when adopting it. The report found security of the code, level of support, compatibility, and lack of skills as the top perceived barriers of adoption. 

“To be sure, some of these responses could apply to just about any type of software. But open source can tempt companies to try to self-support even though they don’t really have the expertise and even though building infrastructure isn’t a core competency of theirs. That’s where enterprise open source comes in,” said Haff. “In terms of using open source software–but really software generally–security is an ongoing challenge. Many tools exist to help with securing software and its supply chain. However, they’re not deployed as widely and systematically as they should be and there are probably too many tools solving narrow point problems.”

Haff suggested looking at trusted sources for software and dependencies as well as having automated tools built into the pipeline that can detect any unpatched vulnerabilities.

Beyond cost, the benefits of open-source software include: higher quality of software, lower costs of total ownership, better security, and access to latest innovations, according to the report.

“I think at least some people still look at open source through the lens of downloading code off the internet and assembling it themselves. It’s important to know that most organizations will get the greatest net value from open source by primarily using supported enterprise open source,”said Haff.

The report also looked at how enterprises are dealing with their legacy applications compared to more modern applications. Cloud-based apps outnumber legacy apps 61% to 39%, according to Red Hat.  

When it comes to replacing legacy apps, 47% of legacy apps are being re-architected or modernized. In addition, 31% of legacy apps are being left as is with plans to sunset or decommission some of them. 

“While open source is still a new concept to some, it has been and will continue to be, the driving force behind much of the innovation we are seeing today around cloud computing, automation, artificial intelligence, big data, and machine learning. All of the megatrends happening in technology are user-driven and playing out in open source first,” Whitehurst wrote.

The post Report: The benefits of open-source software go beyond cost appeared first on SD Times.

Read more: sdtimes.com