Friday, August 31, 2018

How to Protect the IP Of AI

As AI has taken on ever greater importance in the priority of organizations around the world, it is understandable that efforts are underway to protect the intellectual property of algorithms that have strategic importance.

A recent paper from IBM Research highlights one strategy being worked on to provide this protection. Their approach takes inspiration from the digital watermarking that helps to protect video, audio and photos.



from DZone.com Feed https://ift.tt/2NDxeDb

Why Data Accuracy and Master Data Management Are Ready for the Cloud

It's time to take a fresh look at an old problem: "garbage in, garbage out." Everyone knows that information is only as good as the data it was built upon, yet according to Harvard Business Review, only 3 percent of companies' data meets basic quality standards. With data becoming the world's most valuable resource, it raises the question, "How is this possible?" I believe the answer is that traditional approaches to data accuracy and master data management simply cannot keep up with the digital transformation that is happening all around us.

Digital Transformation Is Increasing the Need for Master Data Management

Today's companies are constantly trying to gain a competitive advantage, and data is at the center of that effort. Before the advent of cloud applications, companies would make a large investment in a system such as enterprise resource planning (ERP) or customer relationship management (CRM). These solutions would be installed and delivered to their staff on internal corporate networks. This approach suffered from quite a few flaws:



from DZone.com Feed https://ift.tt/2PVmdyD

Top 20 Ways Blockchain Will Transform Education

Distributive Ledger Technology (DLT) is a delightful offering of the public ledger system, blockchain. Maintaining absolute transparency and eliminating the intermediaries, ledger technologies can help record transactions that are easily verified and validated. Transforming many industries, blockchain is initiating its baby steps in the education domain, too. Let’s see how it can help in transforming education across the globe.

Top 20 Ways Blockchain Can Revolutionize Education

  1. Educational institutions have a lot of information that needs to be stored with the utmost security, and at the same time, this data needs to be accessed easily as and when needed. With DLT cloud storage, these institutions are provided with more secure alternatives that are comparatively cheaper, as well.



    from DZone.com Feed https://ift.tt/2NxeKnx

How to Automate Web Testing Across Browsers and Devices

Websites and web applications are crucial to how businesses acquire customers, and a growing number of traditional front- and back-office applications are migrated from desktops to web-based interfaces. As web technologies come with their own challenges, being able to test them is highly critical.

IT landscapes across organizations are becoming increasingly simplified as more applications and services are migrated into a single technology (web-based), but it also comes with some risks:



from DZone.com Feed https://ift.tt/2PSTFFS

Introduction to Integration Patterns

This article is featured in the new DZone Guide to API Management: Comparative Views of Real World Design. Get your free copy for more insightful articles, industry statistics, and more!

In today's mashup-driven world, the use of integrations to extract, transform, and utilize data is at the top of mind for a majority of software engineers. It is important to understand proven integration patterns which can help streamline the integration process and flows.



from DZone.com Feed https://ift.tt/2C3VnRP

JMeter's Raw Data Source PreProcessor: The Ultimate Guide

There are lots of ways to extract data from a file to Apache JMeter™ variables. For binary data, one of the handiest tools is the Raw Data Source preprocessor plug-in. It especially shines when you have to process a large amount of raw data, like when you need to collect data from various samples such as HTTP, TCP, and UDP, or when you have a large data file with a lot of records, and you need to distribute the values of these records across your Test Plan.

However, the Raw Data PreProcessor does not support HTTPS, and it limits your test plan to one endpoint only. We recommend using it when you want to be lean with the resources used to make requests. The Raw Data Source Preprocessor was written by BlazeMeter's Andrey Pokhilko.



from DZone.com Feed https://ift.tt/2wrImMQ

Dilemma on Utility Modules: Making a JAR or a Separate Microservice?

In my previous article, I talked about how you can come to a conclusion about what to choose for your new project: microservices or a monolith.

As an architect, if you followed the points in the previous article and came to the conclusion that you will use microservice architecture, cheers to you. You promoted yourself as a first-class citizen of the new era of he digital world



from DZone.com Feed https://ift.tt/2C2iuMM

Reviewing FASTER (Part 2): Let’s Start With Managed Code

The last post commented on the FASTER paper, now I’m getting to reading the code. This is a pleasant change of scenery for me since FASTER is written in C# (there is a C++ port that I’ll also be going through later). As someone who spends most of their time in C#, that makes it much easier to go through the code. On the other hand, this was clearly written by someone who spent most of their time in C++. This means that naming conventions and the general approach to writing the code sometimes directly contradict C# conventions. Some of that really bugs me.

The first thing I did was to try to run the benchmark on my own machine to get relative numbers. It died with an AccessViolationException, which was a disappointment. I’m going to ignore that and just read through the code. One thing that I did notice when reading through the benchmark code is that this piece:



from DZone.com Feed https://ift.tt/2PVmamr

Guide to 24 PHP Frameworks, Part 2


Follow the Series

This blog post is the second part of "The Definitive Guide to your next PHP framework."

Didn't read it yet? You can check it out here.



from DZone.com Feed https://ift.tt/2NxeJ2X

8 Proven Steps to Transition from Developer to Business Analyst

This is a very frequent request that we come across.

“I have been a software developer for quite some time and would like to learn about a new role. I am excited about a business analysis career, but I have no idea as to how to transition into the new role. “



from DZone.com Feed https://ift.tt/2PVm9in

We Need to Talk About Documentation

This article is mainly aimed at open source projects, but could apply just as well to any team releasing a product — be that an API, some developer tools, some binaries (from a few libraries or a full platform) — or attempting to build an ecosystem around an app or service.

I read a nice article the other day that makes the argument that documentation is more important than ever if you have an open source project to promote. How else will developers get up to speed with your project and learn what they need about it, if you don’t document it well? The article lists out some of the types of documentation you need to provide, such as a readme, some reference documentation, guides and so on.



from DZone.com Feed https://ift.tt/2ND9CP0

Hackers SignUp Demo

submitted by /u/loltoneh
[link] [comments]

from programming https://ift.tt/2oo8B29

Another hour!

It's August 31, 2018 at 04:15PM

Permafrost Engine - OpenGL 3.3 Real Time Strategy Engine in C

submitted by /u/shizaep
[link] [comments]

from programming https://ift.tt/2wuA46N

Norman's Software Product Development Problem

submitted by /u/ElegantMicroWebIndia
[link] [comments]

from programming https://ift.tt/2MFC8mv

Baker, a simple tool for provisioning virtual machines and containers

submitted by /u/__tosh
[link] [comments]

from programming https://ift.tt/2ordSG0

Hayley Denbraver: We Are 3000 Years Behind: Let's Talk About Engineering Ethics

submitted by /u/pjmlp
[link] [comments]

from programming https://ift.tt/2wvGNNQ

Another hour!

It's August 31, 2018 at 03:15PM

A SLR Parser Generator that targets JavaScript or Fsharp (For now)

submitted by /u/brkmnd
[link] [comments]

from programming https://ift.tt/2Nxcxsf

Scientists make a touch tablet that rolls and scrolls

Research scientists at Queen’s University’s Human Media Lab have built a prototype touchscreen device that’s neither smartphone nor tablet but kind of both — and more besides. The device, which they’ve christened the MagicScroll, is inspired by ancient (papyrus/paper/parchment) scrolls so it takes a rolled-up, cylindrical form factor — enabled by a flexible 7.5inch touchscreen housed in the casing.

This novel form factor, which they made using 3D printing, means the device can be used like an erstwhile rolodex (remember those?!) for flipping through on-screen contacts quickly by turning a physical rotary wheel built into the edge of the device. (They’ve actually added one on each end.)

Then, when more information or a deeper dive is required, the user is able to pop the screen out of the casing to expand the visible display real estate. The flexible screen on the prototype has a resolution of 2K. So more mid-tier mobile phone of yore than crisp iPhone Retina display at this nascent stage.

[gallery ids="1702214,1702215,1702211,1702212,1702213"]

 

 

The scientists also reckon the scroll form factor offers a pleasing ergonomically option for making actual phone calls too, given that a rolled up scroll can sit snugly against the face.

Though they admit their prototype is still rather large at this stage — albeit, that just adds to the delightfully retro feel of the thing, making it come over like a massive mobile phone of the 1980s. Like the classic Motorola 8000X Dynatac of 1984.

While still bulky at this R&D stage, the team argues the cylindrical, flexible screen form factor of their prototype offers advantages by being lightweight and easier to hold with one hand than a traditional tablet device, such as an iPad. And when rolled up they point out it can also fit in a pocket. (Albeit, a large one.)

They also imagine it being used as a dictation device or pointing device, as well as a voice phone. And the prototype includes a camera — which allows the device to be controlled using gestures, similar to Nintendo’s ‘Wiimote’ gesture system.

In another fun twist they’ve added robotic actuators to the rotary wheels so the scroll can physically move or spin in place in various scenarios, such as when it receives a notification. Clocky eat your heart out.

“We were inspired by the design of ancient scrolls because their form allows for a more natural, uninterrupted experience of long visual timelines,” said Roel Vertegaal, professor of human-computer interaction and director of the lab, in a statement.

“Another source of inspiration was the old rolodex filing systems that were used to store and browse contact cards. The MagicScroll’s scroll wheel allows for infinite scroll action for quick browsing through long lists. Unfolding the scroll is a tangible experience that gives a full screen view of the selected item. Picture browsing through your Instagram timeline, messages or LinkedIn contacts this way!”

“Eventually, our hope is to design the device so that it can even roll into something as small as a pen that you could carry in your shirt pocket,” he added. “More broadly, the MagicScroll project is also allowing us to further examine notions that ‘screens don’t have to be flat’ and ‘anything can become a screen’. Whether it’s a reusable cup made of an interactive screen on which you can select your order before arriving at a coffee-filling kiosk, or a display on your clothes, we’re exploring how objects can become the apps.”

The team has made a video showing the prototype in action (embedded below), and will be presenting the project at the MobileHCI conference on Human-Computer Interaction in Barcelona next month.

While any kind of mobile device resembling the MagicScroll is clearly very, very far off even a sniff of commercialization (especially as these sorts of concept devices have long been teased by mobile device firms’ R&D labs — while the companies keep pumping out identikit rectangles of touch-sensitive glass… ), it’s worth noting that Samsung has been slated to be working a a smartphone with a foldable screen for some years now. And, according to the most recent chatter about this rumor, it might be released next year. Or, well, it still might not.

But whether Samsung’s definition of ‘foldable’ will translate into something as flexibly bendy as the MagicScroll prototype is highly, highly doubtful. A fused clamshell design — where two flat screens could be opened to seamlessly expand them and closed up again to shrink the device footprint for pocketability — seems a much more likely choice for Samsung designers to make, given the obvious commercial challenges of selling a device with a transforming form factor that’s also robust enough to withstand everyday consumer use and abuse.

Add to that, for all the visual fun of these things, it’s not clear that consumers would be inspired to adopt anything so different en masse. Sophisticated (and inevitably) fiddly devices are more likely to appeal to specific niche use cases and user scenarios.

For the mainstream six inches of touch-sensitive (and flat) glass seems to do the trick.



from TechCrunch https://ift.tt/2N2po8U

Learn the JavaScript "this" Keyword in 10 Minutes

submitted by /u/huuippt
[link] [comments]

from programming https://ift.tt/2MDf6ws

People Hacks for Technical Leads

submitted by /u/huuippt
[link] [comments]

from programming https://ift.tt/2C5Uati

Another hour!

It's August 31, 2018 at 02:15PM

The Multi-Armed Bandit Problem and Its Solutions

submitted by /u/__tosh
[link] [comments]

from programming https://ift.tt/2wurp3o

Massive software engineering interview questions of hot tech companies in one place

submitted by /u/nextstore
[link] [comments]

from programming https://ift.tt/2NAAfE9

Another hour!

It's August 31, 2018 at 01:15PM

GopherCon 2018 - Allocator Wrestling

submitted by /u/codesuki_
[link] [comments]

from programming https://ift.tt/2NB4Kty

Bootiful GCP: Globally Consistent Data Access With Spanner (Part 3)

Hi, Spring fans! In this brief part of the series, we’re going to look at Spring Cloud integration for the Google Cloud Platform, Spring Cloud GCP. Spring Cloud GCP represents a joint effort between Google and Pivotal that provides a first-class experience for Spring Cloud developers when using the Google Cloud Platform. Pivotal Cloud Foundry users will enjoy an even easier integration with the GCP service broker. I wrote these installments with input from the Google Cloud Developer Advocate and my buddy, Ray Tsang. You can also catch a walkthrough of Spring Cloud GCP in our Google Next 2018 session, Bootiful Google Cloud Platform. Thanks, buddy! As always, I’d love to hear from you if you have feedback.

If you’re just joining us, be sure to read the previous installments:



from DZone.com Feed https://ift.tt/2NzDYBQ

Most people will be disappointed by the second edition of Refactoring

I've put a lot of hard work into the second edition of Refactoring. But I reckon that most people will be disappointed by it when it comes out, even though I think it's an improvement over the original. This memo explains why, and why I think that initial reaction ultimately doesn't matter.

more…



from Martin Fowler https://ift.tt/2PTlj5J

Completing the extraction of a data-rich service

Praful completes the steps of extracting a data rich service by pointing the new service to the new database and removing the dead logic and schema from the monolith.

more…



from Martin Fowler https://ift.tt/2N0Wje1

Linux Kernel Developer Criticizes Intel for Meltdown, Spectre Response

submitted by /u/remind_me_later
[link] [comments]

from programming https://ift.tt/2LIqe5Y

Techie to tech lead: My five biggest mistakes

submitted by /u/codesuki_
[link] [comments]

from programming https://ift.tt/2Nzo8XZ

Unique "Connected" episode from 1998 features Linus Torvalds and others, perfectly capturing the birth of open source and the explosion of the web

submitted by /u/nugatty
[link] [comments]

from programming https://ift.tt/2onsGFZ

Better Geometry Through Graph Theory

submitted by /u/prospero
[link] [comments]

from programming https://ift.tt/2LGPdXl

OBNC - compiler for Niklaus Wirth’s programming language Oberon

submitted by /u/mycall
[link] [comments]

from programming https://ift.tt/2PojUD7

Assertions in Production Code?

submitted by /u/_cwolf
[link] [comments]

from programming https://ift.tt/2NCPz3e

Software Architecture vs. Code

submitted by /u/fagnerbrack
[link] [comments]

from programming https://ift.tt/2onOPUz

websocat - my tool for WebSockets

submitted by /u/vi0oss
[link] [comments]

from programming https://ift.tt/2wxwhoy

Don't Code Tired | Software Development Wheel

submitted by /u/KarthikChintala
[link] [comments]

from programming https://ift.tt/2MIeOo8

bindef, a DSL for defining binary files

submitted by /u/yossarian_flew_away
[link] [comments]

from programming https://ift.tt/2wBdGYJ

How We Wrote a Self-Hacking Game in C++

submitted by /u/Aecial
[link] [comments]

from programming https://ift.tt/2wsn2qo

JVM JIT optimisation techniques summary

submitted by /u/jak_sky
[link] [comments]

from programming https://ift.tt/2opbz6G

What We’ve Learned from the July 2018 Flutter User Survey

submitted by /u/timsneath
[link] [comments]

from programming https://ift.tt/2PmcUq2

Java custom annotation

submitted by /u/codesjava
[link] [comments]

from programming https://ift.tt/2C4xZDQ

Announcing updates to Cloud Speech-to-Text and the general availability of Cloud Text-to-Speech

submitted by /u/stronghup
[link] [comments]

from programming https://ift.tt/2PUXeeP

AVA: The Art and Science of Image Discovery at Netflix (or how Netflix automatically harvests screenshots from content to use as artwork)

submitted by /u/Antrikshy
[link] [comments]

from programming https://ift.tt/2N2nuoO

An Introduction to Inline Classes in Kotlin

submitted by /u/nfrankel
[link] [comments]

from programming https://ift.tt/2MBFJSu

Why Learning to Code is So Damn Hard

submitted by /u/sssunil9255
[link] [comments]

from programming https://ift.tt/2wBlrOl

📚New playground and cheatsheet for learning Python

submitted by /u/trekhleb
[link] [comments]

from programming https://ift.tt/2NBe4xs

To boost Amazon Pay in India, Amazon reportedly acquired Tapzo, an ‘all-in-one’ aggregator app, for $40M

On the heels of Google rebranding Tez to Google Pay in India, and Walmart acquiring a majority stake in e-commerce marketplace Flipkart, Amazon is also making a run in India to hone in on the country’s growing economy.

According to multiple reports, Amazon has paid around $40 million to acquire Tapzo, a startup that aggregates a number of app-based services — such as Uber, Ola, food delivery services Swiggy and Zomato, Book My Show, bill payment service BillDesk and more — into a single app. Amazon is reportedly paying between $30 million and $40 million, and its intention is to leverage Tapzo’s one-stop services app to help grow Amazon Pay usage in the country.

Amazon Pay has reportedly been seeing a wider global push to spur adoption of the service. But in India, the drive to get people to use Apple Pay may be particularly strong. Rival wallet services like Paytm, PhonePe, Google Pay, Mobikwik and others have swooped in a market where payment card usage is not that widespread, and consumers are conducting a growing number of transactions on their mobile devices. If you can get traction for your mobile wallet, that puts you into a strong position for dominating in all kinds of commerce and transactions in Asia’s second-largest economy.

We’d heard talks between Tapzo and Amazon have been in the works for a while, but now that a deal has been done, the two seem to be downplaying the details.

Messages sent to Tapzo founder and CEO, Ankur Singla, did not get responses. Another Tapzo executive we reached on the phone said he could not comment but also didn’t deny the report. And in a statement provided to TechCrunch, Amazon also did not explicitly confirm the deal, nor did Amazon deny it.

“Our commitment to the vision of a less-cash India remains the same,” a spokesperson said. “Our goal is to make it easier than ever before for customers to make digital payments by improving the customer experience, affordability and daily routines.”

An email to one of Tapzo’s investors, Sequoia, also did not get a response. Tapzo had in all raised about $23 million, with other investors including Ru-Net, American Express and RB Investments.

The deal pairs together a startup that has had held a lot of promise but has also has been through several rebrands and pivots in search of a viable business model; with an e-commerce leviathan that has already invested billions of dollars money into India but is looking for a way of expanding its reach in beyond its own marketplace.

Tapzo has attempted to address a particular niche in the Indian market: Smartphone usage has taken off in India, with many using mobile handsets as their primary “computer” for getting online. That creates an opportunity for companies looking to connect with customers, but also a challenge: there is a lot of app churn, and an added pressure on publishers to provide lasting value to consumers whose devices might be space-constrained and wallets cash-constrained to use and pay for anything but the most top-priority data services.

“One of the worst-kept secrets of the mobile app industry is that almost all apps (except for the top 5-8 apps) see 60-80 percent uninstall rate within 90 days of users installing the app,” Singla wrote in a blog post when explaining the challenge in the market. “India probably has the highest uninstall rate in the world, so when an app says it has 20 million installs, you can do your math.”

Enter Tapzo: the idea is that by loading the Tapzo app with multiple services, it makes the whole app much more valuable to users, and having all the services existing within one app also means that a users of Tapzo do not need to dedicate as much space to multiple apps that could be more likely to get uninstalled on their own.

That formula appears to have hit the right note in the market: Tapzo claims to have over 5 million users across some 100 cities in India turning to Tapzo to connect with more than 40 different services. It says that to date it’s enabled over 25 million transactions.

But Tapzo’s success has not come quickly nor smoothly. The company has been through a number of pivots and rebrands since 2010, starting first as Akosha, a platform for businesses to communicate with customers; then becoming Helpchat, a personal assistant and chatbot; and lastly its most recent pivot to Tapzo. (And the company owning all three of these has yet a different name, Coraza Technologies.) VC Circle earlier this year reported that Coraza’s last round in January this year was a down round, from a peak valuation of about $85 million in 2016.

Tapzo in its latest incarnation potentially plays directly into Amazon’s strategy to build out its presence in India by way of Amazon Pay, Amazon’s payment processing service that competes against the likes of Google Pay, PayPal and the rest.

Tapzo and Amazon Pay had already been working together on promotional efforts: to encourage more people to integrate and use Amazon Pay for transactions on Tapzo, the two have run multiple promotions where users could get money back and discounts on a wide range of services you can access through Tapzo.

A closer relationship by way of acquisition could not only see Amazon Pay becoming a (the only?) default payment option, but it could give Amazon the chance to use the app to promote its own network of services and merchants, whether it’s for restaurant delivery or for a deal on a new mixing bowl to cook it yourself — a twist on the company’s classic marketplace model.

Amazon could also use it as a loyalty and points service: book your next Ola car through Tapzo, pay for it with Amazon Pay, and get money towards your next purchase on Amazon.in. That could be one way of fulfilling Amazon’s goal “to make digital payments by improving the customer experience, affordability and daily routines,” with Amazon getting a cut on those payments.

We’ll update this post as we learn more.



from TechCrunch https://ift.tt/2C39xTf

California lawmakers are one step closer to bringing back Obama-era net neutrality protections

California’s state Assembly voted 58-17 on Thursday to advance a bill, called S.B. 822, that would implement the strongest net neutrality provisions in the U.S.

The bill now heads back to the Senate for final approval. If a vote is not held by end of day tomorrow — the deadline for lawmakers to pass any legislation until 2019 — it won’t get the official green, or red, light until next year.

The bill, written by Democratic Senator Scott Wiener, would not only bring back Obama-era net neutrality rules ousted by the FCC in December, but go a step further, adding new protections for internet users. The bill prohibits internet service providers from blocking or throttling lawful content, apps, services or non-harmful devices. Plus, it bans paid prioritization, the practice of directly or indirectly favoring some traffic over other traffic in exchange for money, typically.

Here’s where it goes above and beyond the policy developed under the Obama administration: The bill also bans zero rating, which allows service providers to charge customers for data use on some websites but not on others. If you want to dive deeper into the nitty-gritty, take a look at the bill here.

The decision is a blow to Comcast and AT&T, for obvious reasons. They’ve been advocates for ending net neutrality and had lobbied aggressively against the bill. Net neutrality lobbying groups, on the other hand, are pleased with the results.

“No one wants their cable or phone company to control what they see and do on the internet,” said Evan Greer, deputy director of Fight for the Future, a nonprofit advocacy group for digital rights, in a statement. “California just took a huge step toward restoring protections that prevent companies like AT&T and Comcast from screwing us all over more than they already do.”

“This historic Assembly vote is a testament to the power of the internet. Big ISPs spent millions on campaign contributions, lobbyists and dark ads on social networks, but in the end, it was no match for the passion and dedication of net neutrality supporters using the internet to sound the alarm and mobilize.”

In December, the FCC voted to kill Obama-era net neutrality regulations developed in 2015 to keep the internet open and fair. The organization is led by Ajit Pai, a Republican appointed to the role by President Donald Trump.

The decision from California’s Assembly comes a day after Northern California congressional members asked that the FTC investigate Verizon’s throttling of the Santa Clara County Fire Department, which had reportedly exceeded their monthly allotment of 25 gigabytes when they were making calls and handling personnel issues amid fighting a massive wildfire.



from TechCrunch https://ift.tt/2PiOein

Enveritas’ technology lets small growers tap into the market for sustainable coffee

Demand for sustainable coffee is growing, a boon for socially conscious coffee lovers — but many small growers are missing out because they lack the ability to verify that their coffee beans are grown using sustainable labor and eco-friendly practices. In fact, verification is often accessible only to large coffee estates or cooperatives. Enveritas wants to change that. The nonprofit, which recently completed Y Combinator’s accelerator program, uses geospatial analysis to make the process more efficient, enabling it to offer free verification to smallholder farms.

Enveritas’ goal is to end poverty in the coffee sector by 2030. Before founding Enveritas in 2016, CEO David Browning and head of operations Carl Cervone worked at TechnoServe, a nonprofit that serves businesses in developing economies. Browning led TechnoServe’s global coffee practice, while Cervone advised coffee growers in Africa, Asia and Latin America about sustainability trends.

Browning tells TechCrunch that TechnoServe’s coffee team spent a lot of time working with smallharder farmers, many of whom don’t have access to sustainability verification because their farms are too remote or small. The typical coffee grower served by Enveritas has less than two hectares of land, lives on less than $2 a day and relies on cash crops for their family’s income.

“The existing solutions work well for large estates and it can also be effective for farmers organized into cooperatives, but many of the world’s coffee farmers are smallholder farmers and not organized into cooperatives,” Browning explains. “For those farmers, the existing solutions can be more difficult to access.”

Part of the reason is because many verification solutions rely on field workers who visit farms and track sustainability standards using pen and paper, a time-consuming and costly process.

To develop a more efficient and scalable system, Enveritas uses geospatial and machine learning to identify coffee farms through satellite imagery and monitor for issues like deforestation. Though it still relies on local partners to visit farms and confirm that sustainability standards are being followed, its technology enables Enveritas to provide verification services for free.

Enveritas checks for 30 standards, which it divides into three categories: social, environmental and economic. “Social” includes no child labor and workers’ rights; “environmental” checks for problems like deforestation, pollution or banned pesticides; and “economic” covers minimum wages, ethical business practices and transparent pricing, among other standards.

The organization currently operates in 10 countries, including Uganda, Indonesia, Ethiopia, Nicaragua and Costa Rica, with plans to expand into more markets.

Sustainable coffee isn’t just in demand by caffeine lovers with a penchant for social justice. Many of the world’s biggest coffee companies, including Illy and Starbucks, have launched sustainability initiatives as part of their corporate responsibility measures. Offering coffee grown using sustainable labor or environmentally friendly practices also helps differentiate their products in a crowded marketplace. Research by the National Coffee Association, an American trade group, recently found that many millennials prefer sustainable coffee, with up to two-thirds of 19 to 24-year-olds surveyed said they pick their coffee based on whether it was grown using sustainable labor and environmentally friendly farming practices.

While coffee is currently its main focus, Browning says Enveritas’ system can be applied to other agricultural products that need more visibility in their supply chains. For example, it also can be used to verify the sustainability of cocoa, cotton and palm oil.

As a nonprofit, Enveritas faces different funding challenges from other tech startups. Browning says it is currently at the equivalent of being ready for a Series A. Much of its backing comes from coffee companies (Enveritas can’t disclose which ones) that hope to benefit from Enveritas’ solutions.

“One of the advantages of this system is that it reduces the cost for coffee companies relative to the traditional pen and paper system, but it’s also simultaneously free for farmers,” Browning says. “That’s one of the most compelling innovations, so it’s a win-win for both.”



from TechCrunch https://ift.tt/2wtYFrw

Weebly brings more e-commerce features to mobile

Weebly is part of Square now, but it continues to update as a standalone product. This week, for example, the company announced a number of new e-commerce features for the Weebly mobile app.

Those features include the ability to ship and print labels, to respond to customer questions (via Facebook Messenger, which can be embedded on Weebly sites), to approve customer reviews, to create branded coupon codes and to edit every aspect of your store, including product listing and pricing — all from the app.

Much of this functionality already existed on desktop, so the announcement is about moving these capabilities onto smartphones. In a blog post, the company outlined a vision for the mobile phone to become “the new back office.”

Weebly CEO David Rusenko told me that as his team has been adding more features for merchants, he wants people to think of Weebly “increasingly as an e-commerce platform,” not just a simple website builder. And support for mobile was an important part of that.

“This is what our customers were requesting,” Rusenko said. “Basically, people are taking their entrepreneurial lifestyle and having the freedom to work on things wherever you are.”

And apparently mobile usage is already up significantly, with a 75 percent increase over the past year in customers using the Weebly mobile app to manage orders, as well as a 120 percent increase in mobile usage to manage product listings.



from TechCrunch https://ift.tt/2LHV12H

John McAfee’s ‘unhackable’ Bitfi wallet got hacked — again

If the security community could tell you just one thing, it’s that “nothing is unhackable.” Except John McAfee’s cryptocurrency wallet, which was only unhackable until it wasn’t — twice.

Security researchers have now developed a second attack, which they say can obtain all the stored funds from an unmodified Bitfi wallet. The Android-powered $120 wallet relies on a user-generated secret phrase and a “salt” value — like a phone number — to cryptographically scramble the secret phrase. The idea is that the two unique values ensure that your funds remain secure.

But the researchers say that the secret phrase and salt can be extracted, allowing private keys to be generated and the funds stolen.

Using this “cold boot attack,” it’s possible to steal funds even when a Bitfi wallet is switched off. There’s a video below.

The researchers, Saleem Rashid and Ryan Castellucci, uncovered and built the exploits as part of a team of several security researchers calling themselves “THCMKACGASSCO” (after their initials). The two researchers shared them with TechCrunch prior to its release. In the video, Rashid is shown setting a secret phrase and salt, and running a local exploit to extract the keys from the device.

Rashid told TechCrunch that the keys are stored in the memory longer than Bitfi claims, allowing their combined exploits to run code on the hardware without erasing the memory. From there, an attacker can extract the memory and find the keys. The exploit takes less than two minutes to run, Rashid said.

“This attack is both reliable and practical, requiring no specialist hardware,” said Andrew Tierney, a security researcher with Pen Test Partners, who verified the attack.

Tierney was one of the hackers behind the first Bitfi attack. The McAfee-backed company offered a $250,000 bounty for anyone who could carry out what its makers consider a “successful attack.” But Bitfi declined to pay out, arguing that the hack was outside the scope of the bounty, and instead resorted to posting threats on Twitter.

This new attack, Tierney says, “meets the requirements of the bounty in spirit, even if it does not meet the specific terms that Bitfi have set.”

McAfee earlier this month said, “the wallet is hacked when someone gets the coins.”

Bill Powel, vice president of operations at Bitfi, told TechCrunch in an email that the company defines a hack “as anything that would allow an attacker to access funds held by the wallet.”

“Because the device does not store private keys, that is what prompted the unhackable claim,” he said.

When pressed, Powel did not address the specific claims of the cold boot attack. McAfee, who was copied on the email to Bitfi, did not respond.

Within an hour of the researchers posting the video, Bitfi said in a tweeted statement that it has “hired an experienced security manager, who is confirming vulnerabilities that have been identified by researchers.”

“Effective immediately, we are closing the current bounty programs which have caused understandable anger and frustration among researchers,” it added.

The statement also said it will no longer use the “unhackable” claim on its website.

Rashid said he has no immediate plans to release the exploit code so as to prevent the estimated few thousand Bitfi users from being put at risk.

Just last month, Bitfi won the Pwnie Award for Lamest Vendor Response, a traditional award given out at the Black Hat conference for companies that react the worst in response to security issues.



from TechCrunch https://ift.tt/2C1eagu

Margin of safety in venture capital

As a former stock analyst turned VC, I still spend time thinking about public company investment opportunities. To that end, I recently read Seth Klarman’s Margin of Safety, a hard to find, but very insightful book about value investing. The book’s title, Margin of Safety, is a term borrowed from the godfather of value investing: Benjamin Graham. Warren Buffett’s investment philosophy is very much inspired by Graham; 85 percent as much, according to Buffett himself.

A margin of safety is room for error built into the price an investor pays for an asset to lower the risk that the investor might lose money. In other words, assets are usually quite difficult to price, so you try to pay some amount well below what you think an asset is worth to minimize the impact of various issues that might impact the value of that asset. One potential issue might be in the investor’s analysis of worth (i.e. the investor is wrong); another might be an unforeseeable market event, or a temporary problem specific to the company, etc.

While I was familiar with the margin of safety concept, I hadn’t thought about how it might apply to venture investing, and Klarman’s book sparked my imagination.

Can you fundamentally build a margin of safety into an early-stage venture investment? Can you fundamentally be “wrong” about your investment and still turn out alright?

The answer seems to be “sort of,” but it’s quite different than how you do it in the public markets. To figure it out, it’s worth considering price, market and team as the potential mechanisms.

Price

In the public markets, margin of safety is all about the price you pay for an asset. You’re looking for mispricings in the market primarily due to irrational downward assessments of other investors — usually places where emotion takes hold and logic gives way. Irrational upward assessments happen too, but those aren’t buying opportunities, and value investing is about buying, not shorting.

In the private markets, there may be the same amount of irrational upward assessment as reflected by some valuations that get ahead of themselves, but irrational downward assessment is rarer simply because such an assessment would mean the market thinks a company is not fundable and, without capital, it likely goes out of business. Therefore, it’s difficult for a private company mispriced to the downside to even exist. Even in down rounds at solid companies there doesn’t seem to be anything near a margin of safety that Klarman or Buffett would expect — nor do modest valuation negotiations create such a margin of safety for top venture firms that can pull off such negotiations.

We can comfortably say that price as a mechanism for margin of safety in venture doesn’t seem to work.

Market

A bigger market is always better, so if we only invest in huge markets, that’s a margin of safety, right? Unfortunately, no.

Bigger markets are usually better, but markets are extremely hard to predict, and it’s even harder to predict which market many startups even really fit into at the early stage. If you had to predict the market for people renting air beds on other people’s floors you probably would have missed the potential for the same platform to rent rooms and, ultimately, change the travel industry.

Can you fundamentally build a margin of safety into an early-stage venture investment?

You might apply Klarman’s idea of conservatively estimating a company’s cash flows and the applicable discount rate in valuing a company as part of a margin of safety, but taking a conservative view of what the market may be for a venture investment is arguably even worse than overshooting it because it will probably lead you to miss out on some great opportunities, like Airbnb above.

Market doesn’t seem to be the margin of safety in venture either.

Team

That leaves us with team.

Fundamentally, the point of a margin of safety is to recognize that things are probably not going to go as planned. In a public investment, where value is a constant reflection of supply and demand, you can protect yourself from the unforeseen via price. In a private investment, where shares are illiquid and relationships more important, you can only protect yourself from the unforeseen via the team.

A great team is resourceful, dedicated, persistent, curious and flexible. Those elements reduce the risk of a negative outcome when things don’t go as planned, because a great team adjusts and fights through it. Fighting through a difficult time. Pivoting to something else. Pressing on with a commitment to suffering. Sometimes things go too far off the rails for even a great team to recover, but better to invest in a team that can correct setbacks than an average team that crumbles under even minor deviations.

It’s this reason that all VCs say they invest in team first. They are our margin of safety.

Close

To bastardize Warren Buffett’s bridge analogy regarding the margin of safety: We want to invest in founders that can lift the weight of the world, but really only need to lift the weight of one difficult startup business. We will almost certainly be fooled both positively and negatively by prices, products and markets, but we must do our best not to be fooled by teams, because they’re the only margin of safety we have. 



from TechCrunch https://ift.tt/2ovyTzL