It's February 01, 2020 at 01:15PM
Friday, January 31, 2020
Thursday, January 30, 2020
Microsoft will now pay up to $20k for Xbox Live security exploits
Think you’ve found a glaring security hole in Xbox Live? Microsoft is interested.
The company announced a new bug bounty program today, focused specifically on its Xbox Live network and services. Depending on how serious the exploit is and how complete your report is, they’re paying up to $20,000.
Like most bug bounty programs, Microsoft is looking for pretty specific/serious security flaws here. Found a way to execute unauthorized code on Microsoft’s servers? They’ll pay for that. Keep getting disconnected from Live when you play as a certain legend in Apex? Not quite the kind of bug they’re looking for.
Microsoft also specifically rules out a few types of vulnerabilities as out-of-scope, including DDoS attacks, anything that involves phishing Microsoft employees or Xbox customers, or getting servers to cough up basic info like server name or internal IP. You can find the full breakdown here.
This is by no means Microsoft’s first foray into bounty programs; they’ve got similar programs for the Microsoft Edge browser, their “Windows Insider” preview builds, Office 365, and plenty of other categories. The biggest bounties they offer are on their cloud computing service, Azure, where the bounty for a super specific bug (gaining admin access to an Azure Security Lab account, which are closely controlled) can net up to $300,000.
from TechCrunch https://ift.tt/3aVZT2b
Amazon quietly publishes its latest transparency report
Just as Amazon was basking in the news of a massive earnings win, the tech giant quietly published — as it always does — its latest transparency report, revealing a slight dip in the number of government demands for user data.
It’s a rarely seen decline in the number of demands received by a tech company during a year where almost every other tech giant — including Facebook, Google, Microsoft and Twitter — all saw an increase in the number of demands they receive. Only Apple reported a decline in the number of demands it received.
Amazon said it received 1,841 subpoenas, 440 search warrants and 114 other court orders for user data — such as its Echo and Fire devices — during the six-month period ending 2019.
That’s about a 4% decline on the first six months of the year.
The company’s cloud unit, Amazon Web Services, also saw a decline in the number of demands for data stored by customers, down by about 10%.
Amazon also said it received between 0 and 249 national security requests for both its consumer and cloud services (rules set out by the Justice Department only allow tech and telecom companies to report in ranges).
At the time of writing, Amazon has not yet updated its law enforcement requests page to list the latest report.
Amazon’s biannual transparency report is one of the lightest reads of any company’s figures across the tech industry. We previously reported on how Amazon’s transparency reports have purposefully become more vague over the years rather than clearer — bucking the industry trend. At just three pages, the company spends most of it explaining how it responds to each kind of legal demand rather than expanding on the numbers themselves.
The company’s Ring smart camera division, which has faced heavy criticism for its poor security practices and its cozy relationship with law enforcement, still hasn’t released its own data demand figures.
from TechCrunch https://ift.tt/2GzHKcF
Watch Rocket Lab’s first launch of 2020 take an NRO payload to orbit
Rocket Lab’s first mission of the year, and 11th commercial flight overall, is planned to take off this afternoon from New Zealand and bring a payload from the National Reconnaissance Office to orbit. You can watch the launch, “Birds of a Feather,” right here.
The mission, which was only announced 10 days ago, is also known as NROL-151, and was awarded under a new NRO effort to “explore what the tiny rocket marketplace can provide for us,” as director Betty Sapp put it in 2018, at the outset of the agency’s Rapid Acquisition of a Small Rocket program.
Though Rocket Lab may dispute that its rocket is “tiny” (Sapp also said at the time that many companies took issue with the phrase), it’s definitely smaller than many launch vehicles that the NRO is accustomed to.
It has relied in the past on large geostationary satellites, but cheap access to lower orbit is clearly a trend worth taking advantage of.
“As the industry shifts toward the disaggregation of large, geostationary spacecraft, Electron enables unprecedented access to space to support a resilient layer of government small satellite infrastructure,” said Rocket Lab SVP of global launch services Lars Hoffman said in the mission announcement.
Incidentally, the mission patches for each participant are quite charming and weird:
The launch will be an ordinary one by Rocket Lab standards, though the Electron first stage will attempt to accomplish a guided reentry, monitored by a chase plane. This is preliminary to attempting a full guided return and controlled landing, which only SpaceX has been able to pull off so far — but which is also going to be an essential method for lowering launch costs.
“Birds of a Feather” will be streamed live starting about 20 minutes before launch; You can watch it below.
from TechCrunch https://ift.tt/3aST8y1
Wednesday, January 29, 2020
The Complete Unit Testing Collection [Tutorials and Frameworks]
Breaking Unit Testing Down
- Introduction and History of Unit Testing [Part 1] by Leah Grantz — We all know we should be incorporating unit testing into our development processes, but do you know the history of this concept? We take a look into the history of test automation to get a look at where this all got started.
- Unit Testing Guidelines: What to Test and What Not to Test by Anton Angelov — Unit testing can often take on a rather broad connotation. We try to help narrow down the phrase in terms of what it should (and shouldn't) cover.
- Importance of Unit Testing by Bala Murugan — Unit testing is one of the simplest and first measures that developers should take to prevent bugs in production.
- The Role of Unit Tests in Test Automation by Bobby Lalvani — Because TDD and AAA complement each other so well, you should combine them with test management tools to get the best results on your DevOps test automation projects.
- Why Do We Unit Test? And What’s the Purpose of Code Coverage? by Kevin Hooke — Use code coverage as a tool to help you find untested code, not as an ultimate goal.
- 8 Benefits of Unit Testing by Ekaterina Novoseltseva — You simply can't overlook the benefits of tearing your application apart, testing each, and putting it all back together.
from DZone.com Feed https://ift.tt/38NPy6z
KPCB has already blown through much of the $600 million it raised last year
Kleiner Perkins, one of the most storied franchises in venture capital, has already invested much of the $600 million it raised last year and is now going back out to the market to raise its 19th fund, according to multiple sources.
The firm, which underwent a significant restructuring over the last two years, went on an investment tear over the course of 2019 as new partners went out to build up a new portfolio for the firm — almost of a whole cloth.
A spokesperson for KPCB declined to comment on the firm’s fundraising plans citing SEC regulations.
The quick turnaround for KPCB is indicative of a broader industry trend, which has investors pulling the trigger on term sheets for new startups in days rather than weeks.
Speaking onstage at the Upfront Summit, an event at the Rose Bowl in Pasadena, Calif. organized by the Los Angeles-based venture firm Upfront Ventures as a showcase for technology and investment talent in Southern California, venture investor Josh Kopelman spoke to the heightened pace of dealmaking at his own firm.
The founder of First Round Ventures said that the average time from first contact with a startup to drawing up a term sheet has collapsed from 90 days in 2004 to 9 days today.
“This could also be due to changes in the competitive landscape … and there may be changes with First Round Capital itself,” says one investor. “It may have been once upon a time that they were looking at really early raw stuff… But, today, First Round is not really in the first round anymore. Companies are raising some angel money or Y Combinator money.”
At KPCB, the once-troubled firm has been buoyed by recent exits in companies like Beyond Meat, a deal spearheaded by the firm’s former partner Amol Deshpande (who now serves as the chief executive of Farmers Business Network) and Slack.
And its new partners are clearly angling to make names for themselves.
“KP used to be a small team doing hands-on company building. We’re moving away from being this institution with multiple products and really just focusing on early-stage venture capital,” Kleiner Perkins partner Ilya Fushman said when the firm announced its last fund.
Kleiner Perkins partner Ilya Fushman
“We went out to market to LPs. We got a lot of interest. We were significantly oversubscribed,” Fushman said of the firm’s raise at the time.
In some ways, it’s likely the kind of rejuvenation that John Doerr was hoping for when he approached Social + Capital’s Chamath Palihapitiya about “acquiring” that upstart firm back in 2015.
At the time, as Fortune reported, Palihapitiya and the other Social + Capital partners, Ted Maidenberg and Mamoon Hamid would have become partners in the venture firm under the terms of the proposed deal.
Instead, Social + Capital walked away, the firm eventually imploded and Hamid joined Kleiner Perkins two years later.
The new Kleiner Perkins is a much more streamlined operation. Gone are the sidecar and thematic funds that were a hallmark of earlier strategies and gone too are the superstars brought in by Mary Meeker to manage Kleiner Perkins’ growth equity investments. Meeker absconded with much of that late stage investment team to form Bond — and subsequently raised hundreds of millions of dollars herself.
Those strategies have been replaced by a clutch of young investors and seasoned Kleiner veterans including Ted Schlein who has long been an expert in enterprise software and security.
“Maybe at this point they think they can raise based on the whole story about Mamoon taking over and a few years from now they won’t be able to raise on that story and will have to raise on the results,” says one investor with knowledge of the industry. “Mamoon is a pretty legit, good investor. But the legacy of the firm is going to be tough to overcome.”
All of these changes are not necessarily sitting well with limited partners.
“LPs are not really happy about what’s going on,” says one investor with knowledge of the venture space. “Everybody thinks valuations are too high since 2011 and people are thinking there’s going to be a recession. LPs think funds are coming back to market too fast and they’re being greedy and there’s not enough vintage diversification but LPs … feel almost obligated that they have to do these things… Investing in Sequoia is like that saying that you don’t get fired for buying IBM.”
from TechCrunch https://ift.tt/2uJiyOd
The Anatomy of Good Unit Testing
I think of unit tests as an extension to my code. A thorough testing process offers peace of mind that when refactoring the code or making performance improvements, the units still function as expected. It can also find bugs and edge cases and avoid regressions during refactoring.
I come from a.NET / C# background and have compiled this collection of thoughts and tidbits that I find useful when writing tests.
from DZone.com Feed https://ift.tt/2vzUuxF
All eyes are on the next liquidity event when it comes to space startups
At the FAA’s 23rd Annual Commercial Commercial Space Transportation Conference in Washington, DC on Wednesday, a panel dedicated to the topic of trends in VC around space startups touched on public vs. private funding, the right kinds of space companies that should even be considering venture funding, and, perhaps most notably, the big L: Liquidity.
Moderator Tess Hatch, Vice President at Bessemer Venture Partners, addressed the topic in response to an audience question that noted while we’ve heard a lot about how much money will flow into space-related startups from the VC community, we haven’t actually et seen much in the way of liquidity events that prove out the validity of these investments.
“In 2008, a company called Skybox was created and a handful of years later Google acquired the company for $500 million,” Hatch said. “Every venture capitalist’s ears perked up and they thought ‘Hey, that’s pretty good ROI in a short amount of time – maybe the space thing is an investable area’ and then a ton of venture capital investments flooded into space startups, and all of these venture capitalists made one, or maybe two investments in the area. Since then, there have not been many — if any – liquidity events: Perhaps Virgin Galactic going public via the SPAC (special uprose vehicle) on the New York Stock Exchange late last year would be the second. So we’re still waiting; we’re still waiting for those exits, we are still waiting for companies to pave the path for the 400+ startups in the ecosystem to return our investment.”
Hatch added that she’s looking at a number of companies who have the potential to break this somewhat prolonged exit drought in 2020, including five who are either quite mature in terms of their development, naming SpaceX, Rocket Lab, Planet and Spire as all likely candidates to have some kind of liquidity event in 2020, with the mostly likely being an IPO.
Space as an industry was described to me recently as a ‘maturing’ startup market by Space Angels CEO Chad Anderson, by virtue of the distribution of activity in terms of the overall investment rounds in the sector. There is indeed a lot of activity with early stage companies and seed rounds, but the fact remains that there hasn’t been much in the way of exits, and it’s also worth pointing out that corporate VCs haven’t been as acquisitive in space as some of their consumer and enterprise technology counterparts.
The panel touched on a lot more apart from liquidity, which actually only came up towards the end of the discussion, which included panelists Astranis CEO and co-founder John Gedmark; Capella Space CEO and founder Payam Banazadeh and Rocket Lab VP of Global Commercial Launch Services Shane Fleming. Both Gedmark and Banazadeh addressed aspects of the risks and benefits of seeking VC as a space technology company.
“Not every space business is a venture-backable business,” said Banazadeh earlier in the conversation. “But there are a lot of space businesses that are specifically going after raising venture money, and that’s dangerous for everyone – because at the end of the day venture is looking at high risk, high return. The ‘high return’ comes from being able to get substantial amount of revenue in a market that’s big
enough for those revenues to be coming from. But if your idea is to go build, maybe, some very specific part in a satellite, then you have to make the case of why you’ll be able to make those returns for the investors, and in a lot of cases, that’s just not possible.”
Banazadeh also concedes that doing any kind of space technology development is expensive, and the money has to come from somewhere. Gedmark talked about one popular source, government funding and grants, and why that often isn’t as obviously a positive thing for startups as it might seem.
“Small government grants can be great, and obviously a fantastic source of non dilutive capital,” Gedmark said. “But there is a little bit of a trick there, or something to be aware of: I think people are often surprised how much time is spent in the early days of a startup refining the exact idea and the product, and if you’re not certain that you have the that product market fit […] then, the government grant can be extremely dangerous, because they will fund you to do something that is sort of similar to what to what you’re doing, but it really prevents you changing your approach later; you’re going to end up spending time executing on the specific project of the program manager on the government side and you’re executing on what they want.”
VC funds, on the other hand, come with the built-in expectation that you’re going to refine and potentially even change direction altogether, Gedmark says. Depending on the terms of the public funding you’re seeking, that flexibility may not be part of the arrangement, which ultimately could be more important than a bit of equity dilution.
from TechCrunch https://ift.tt/2RZ7qVo
Tesla temporarily closes Shanghai factory over coronavirus concerns
Tesla was ordered by the Chinese government to shut down its Shanghai factory over concerns about the coronavirus, a closure that will delay Model 3 production and ultimately put slight downward pressure on profits in the first quarter, the automaker’s finance chief Zach Kirkhorn said during an earnings call Wednesday.
Prior to the call, Tesla reported Wednesday $105 million in net income, or 56 cents a diluted share, compared with $140 million, or 78 cents a share, in the same year-ago period. Tesla earned $386 million, or $2.14 a share, in the fourth quarter when adjusted for one-time items. Tesla generated revenue of $7.38 billion in fourth quarter, just 1% higher than the $7.2 billion generated in the same period in 2018.
Model 3 production will be delayed by a week and a half, Kirkhorn said. Novel coronavirus, a new form of the family of viruses known as coronavirus first cropped up in Wuhan in late December 2019. Since then, thousands of people have contracted the virus, causing the government to take measures such as shutting down transit and factories throughout the country.
“We are in the early stages of understanding if, and to what extent, we may be temporarily impacted by the coronavirus,” Kirkhorn said. “At this point we’re expecting a one, to one and a half week-delay in the ramp of the Shanghai build Model 3 due to a government required factory shutdown. This may slightly impact profitability for the quarter, but is limited as the profit contribution from Model 3 Shanghai remains in the early stages.”
Tesla is also closely monitoring if the coronavirus will cause interruptions in the supply chain for cars built in Fremont. “So far we’re not aware of anything material, but it’s important to caveat, this is an unfolding story,” Kirkhorn added.
The first deliveries of Tesla Model 3 sedans produced at the Shanghai plant began in early January, one year after the U.S. automaker began construction on its first factory outside the United States.
The deliveries to customers was a milestone for Tesla and a critical step for the company in its aim to carve out market share in the world’s biggest auto market, as well as lessen the financial pain caused by tariffs.
from TechCrunch https://ift.tt/2O85U1U
Facebook will pay $550 million to settle class action lawsuit over privacy violations
Facebook will pay over half a billion dollars to settle a class action lawsuit that alleged systematic violation of an Illinois consumer privacy law. The settlement amount is large indeed, but a small fraction of the $35 billion maximum the company could have faced.
Class members — basically Illinois Facebook users from mid-2011 to mid-2015 — may expect as much as $200 each, but that depends on several factors. If you’re one of them you should receive some notification once the settlement is approved by the court and the formalities are worked out.
The proposed settlement would require Facebook to obtain consent in the future from Illinois users for such purposes as face analysis for automatic tagging.
This is the second major settlement from Facebook in six months; an seemingly enormous $5 billion settlement of FTC violations was announced over the summer, but it’s actually a bit of a joke.
The Illinois suit was filed in 2015, alleging that Facebook collected facial recognition data on images of users in the state without disclosure, in contravention of the state’s 2008 Biometric Information Privacy Act (BIPA). Similar suits were filed against Shutterfly, Snapchat, and Google.
Facebook pushed back in 2016, saying that facial recognition processing didn’t count as biometric data, and that anyway Illinois law didn’t apply to it, a California company. The judge rejected these arguments with flair, saying the definition of biometric was “cramped” and the assertion of Facebook’s immunity would be “a complete negation” of Illinois law in this context.
Facebook was also suspected at the time of heavy lobbying efforts towards defanging BIPA. One state senator proposed an amendment after the lawsuit was filed that would exclude digital images from BIPA coverage, which would of course have completely destroyed the case. It’s hard to imagine such a ridiculous proposal was the suggestion of anyone but the industry, which tends to regard the strong protections of the law in Illinois as quite superfluous.
As I noted in 2018, the Illinois Chamber of Commerce proposed the amendment, and a tech council there was chaired by Facebook’s own Manager of State Policy at the time. Facebook told me then that it had not taken any position on the amendment or spoken to any legislators about it.
2019 took the case to the 9th U.S. Circuit Court of Appeals, where Facebook was again rebuffed; the court concluded that “the development of face template using facial-recognition technology without consent (as alleged here) invades an individual’s private affairs and concrete interests. Similar conduct is actionable at common law.”
Facebook’s request for a rehearing en banc, which is to say with the full complement of judges there present, was unanimously denied two months later.
At last, after some 5 years of this, Facebook decided to settle, a representative told TechCrunch, “as it was in the best interest of our community and our shareholders to move past this matter.” Obviously it admits to no wrongdoing.
The $550 million amount negotiated is “the largest all-cash privacy class action settlement to date,” according to law firm Edelson PC, one of three that represented the plaintiffs in the suit.
“Biometrics is one of the two primary battlegrounds, along with geolocation, that will define our privacy rights for the next generation,” said Edelson PC founder and CEO Jay Edelson in a press release. “We are proud of the strong team we had in place that had the resolve to fight this critically important case over the last five years. We hope and expect that other companies will follow Facebook’s lead and pay significant attention to the importance of our biometric information.”
from TechCrunch https://ift.tt/38JCAGS
Subscribe to:
Posts (Atom)