What Is Responsible For That Distinct Post-Rainfall Smell? |
|
Think you know the answer? |
from How-To Geek https://ift.tt/2HSHUNZ
What Is Responsible For That Distinct Post-Rainfall Smell? |
|
Think you know the answer? |
Stephen O'Grady / Redmonk:
A Redmonk study, combining GitHub and Stack Overflow data, finds TypeScript, Kotlin, and Julia usage is up, while Go, R, Scala, Clojure, Groovy usage is down — This iteration of the RedMonk Programming Language Rankings is brought to you by IBM. From Java to Node.js, IBM remains at the forefront of open source innovation.
Kyle Wiggers / VentureBeat:
New York-based Jitjatjo, which offers an online on-demand staffing marketplace, raises $11M Series A, claims it has seen 250% YoY revenue growth since launch — It's not easy finding quality workers in a pinch, particularly if you're in the service and hospitality industry.
Ron Miller / TechCrunch:
Iterable, a startup that helps companies build marketing campaigns, raises $50M Series C to expand cross-channel marketing platform — Iterable, a startup that helps companies build complex marketing campaigns across channels to reduce churn and increase usage, announced a $50 million Series C round today.
A pair of security researchers dominated Pwn2Own, the annual high-profile hacking contest, taking home $375,000 in prizes including a Tesla Model 3 — their reward for successfully exposing a vulnerability in the electric vehicle’s infotainment system.
Tesla handed over its new Model 3 sedan to Pwn2Own this year, the first time a car has been included in the competition. Pwn2Own is in its 12th year and run by Trend Micro’s Zero Day Initiative. ZDI has awarded more than $4 million over the lifetime of the program.
The pair of hackers Richard Zhu and Amat Cam, known as team Fluoroacetate, “thrilled the assembled crowd” as they entered the vehicle, according to ZDI, which noted that after a few minutes of setup, they successfully demonstrated their research on the Model 3 internet browser.
The pair used a JIT bug in the renderer to display their message — and won the prize, which included the car itself. In the most simple terms, a JIT, or just-in-time bug, bypasses memory randomization data that normally would keep secrets protected.
Tesla told TechCrunch it will release a software update to fix the vulnerability discovered by the hackers.
“We entered Model 3 into the world-renowned Pwn2Own competition in order to engage with the most talented members of the security research community, with the goal of soliciting this exact type of feedback. During the competition, researchers demonstrated a vulnerability against the in-car web browser,” Tesla said in an emailed statement. “There are several layers of security within our cars which worked as designed and successfully contained the demonstration to just the browser, while protecting all other vehicle functionality. In the coming days, we will release a software update that addresses this research. We understand that this demonstration took an extraordinary amount of effort and skill, and we thank these researchers for their work to help us continue to ensure our cars are the most secure on the road today.”
That's a wrap! Congrats to @fluoroacetate on winning Master of Pwn. There total was $375,000 (plus a vehicle) for the week. Superb work from this great duo. pic.twitter.com/Q7Fd7vuEoJ
— Zero Day Initiative (@thezdi) March 22, 2019
Pwn2Own’s spring vulnerability research competition, Pwn2Own Vancouver, was held March 20 to 22 and featured five categories, including web browsers, virtualization software, enterprise applications, server-side software and the new automotive category.
Pwn2Own awarded a total of $545,000 for 19 unique bugs in Apple Safari, Microsoft Edge and Windows, VMware Workstation, Mozilla Firefox, and Tesla.
Tesla has had a public relationship with the hacker community since 2014 when the company launched its first bug bounty program. And it’s grown and evolved ever since.
Last year, the company increased the maximum reward payment from $10,000 to $15,000 and added its energy products as well. Today, Tesla’s vehicles and all directly hosted servers, services and applications are now in scope in its bounty program
Alfred Ng / CNET:
LA to limit scooter companies that don't share GPS data with the city to 30-day permit and 3K scooter fleet, while those that do can have fleets of up to 10.5K — Los Angeles is pumping the brakes on scooter companies that won't tell it what part of the city you're wheeling around.
Reuters:
Alibaba, Tencent, Suning, and several Chinese carmakers have set up a ~$1.5B joint venture to invest in a ride-hailing company focusing on new energy vehicles — BEIJING (Reuters) - Alibaba, Tencent, Suning, and car makers including Chongqing Changan Automobile have set …
Chavie Lieber / Vox:
Toy brands increasingly develop packaging and prepare surprises so that toy unboxing, popular among kids on YouTube, will look good on camera — Kids are obsessed with YouTube unboxing videos. The toy industry is taking notice. — New York City's Javits Center is a big, boring building that hosts big, boring conferences.
Zack Whittaker / TechCrunch:
Popular tracking app Family Locator left real-time location data of more than 238,000 users exposed online for weeks via an unprotected database server — A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password.
Ashley Rodriguez / Quartz:
Pinterest had 250M MAUs in 2018, two thirds of them female, average user in US generated $9.04, up 47% YoY, international user generated $0.25, up 22% YoY — Pinterest revealed a trove of data about its more than 250 million monthly active users in an IPO filing on Friday (March 22).
Facebook Messenger can now handle threaded replies. In a nutshell, this means you can reply specifically to one comment in a chat without derailing the whole conversation. Which makes it especially useful for group chats involving multiple people.
Creating a threaded reply in Facebook Messenger is extremely simple. All you need to do is press and hold down on the individual message to which you want to reply. Alongside the existing option to add an emoji, you’ll now see a “Reply” button.
Click this, and write your response as normal. When you hit send, your message will be added to the conversation, but with the original message attached as a quote. So while everyone in the chat will be able to see it, they’ll know who you’re addressing.
Facebook Messenger now has message threads https://t.co/leojLfhTVk
— VentureBeat (@VentureBeat) March 21, 2019
You could find this useful in a one-on-one chat; if, for example, the conversation has moved on and you want to address something said earlier. However, threaded replies are particularly useful in group chats where multiple subjects are being discussed at once.
Facebook hasn’t formally announced this feature, but it should be rolling out to Messenger’s 1.3 billion users around the world right now. If you can’t yet use a threaded reply in Messenger be sure to update the app to the latest version.
Facebook is working on merging its three messaging apps. This means that eventually, Messenger, WhatsApp, and Instagram would all share the same underlying technology. Which would enable users of one app to communicate with users of another app.
This likely explains why Facebook has added threaded replies to Messenger, and why now. WhatsApp has boasted this feature for some time, and the more features the apps share, the easier it will be for Facebook to merge Messenger, WhatsApp, and Instagram.
Read the full article: You Can Now Use Threaded Replies on Messenger
One year after a $38 million Series B valued on-demand aviation startup Blade at $140 million, the company has begun taxiing the Bay Area’s elite.
As part of a new pilot program, Blade has given 200 people in San Francisco and Silicon Valley exclusive access to its mobile app, allowing them to book helicopters, private jets and even seaplanes at a moments notice for $200 per seat, at least.
Blade, backed by Lerer Hippeau, Airbus, former Google CEO Eric Schmidt and others, currently flies passengers around the New York City area, where it’s headquartered, offering the region’s wealthy $800 flights to the Hamptons, among other flights at various price points. According to Business Insider, it has worked with Uber in the past to help deep-pocketed Coachella attendees fly to and from the Van Nuys Airport to Palm Springs, renting out six-seat helicopters for more than $4,000 a pop.
Its latest pilot seems to target business travelers, connecting riders to the San Francisco International Airport and Oakland International Airport to Palo Alto, San Jose, Monterey and Napa Valley. The goal is to shorten trips made excruciatingly long due to bad traffic in major cities like New York, Los Angeles and San Francisco. Recently, the startup partnered with American Airlines to better establish its network of helicopters, a big step for the company as it works to integrate with existing transportation infrastructure.
New work with @flybladenow pic.twitter.com/eONvKU3rhM
— Tyler Babin (@Tyler_Babin) March 11, 2019
Blade, led by founder and chief executive officer Rob Wiesenthal, a former Warner Music Group executive, has raised about $50 million in venture capital funding to date. To launch at scale and, ultimately, to compete with the likes of soon-to-be-public transportation behemoth Uber, it will have to land a lot more investment support.
Uber too has lofty plans to develop a consumer aerial ridesharing business, as do several other privately-funded startups. Called UberAIR, Uber will offer short-term shareable flights to commuters as soon as 2023. The company has raised billions of dollars to turn this sci-fi concept to reality.
Then there’s Kitty Hawk, a company launched by former Google vice president an Udacity co-founder Sebastian Thrun, which is developing an aircraft that can take off like a helicopter but fly like a plane for short-term urban transportation. Others in the air taxi or vertical take-off and landing aircraft space, including Volocopter, Lilium and Joby Aviation, have raised tens of millions to eliminate traffic congestion or, rather, to chauffer the rich.
Blade’s next stop is India, the Financial Times reports, where it will conduct a pilot connecting travelers in downtown Mumbai and Pune. The company tells TechCrunch they are currently exploring one additional domestic pilot and one additional international pilot.
A popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password.
The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting to know where their children are. It also lets users set up geofenced alerts to send a notification when a family member enters or leaves a certain location, such as school or work.
But the backend MongoDB database was left unprotected and accessible by anyone who knew where to look.
Sanyam Jain, a security researcher and a member of the GDI Foundation, found the database and reported the findings to TechCrunch.
Based on a review of the database, each account record contained a user’s name, email address, profile photo and their plaintext passwords. Each account also kept a record of their own and other family members’ real-time locations precise to just a few feet. Any user who had a geofence set up also had those coordinates stored in the database, along with what the user called them — such as “home” or “work.”
None of the data was encrypted.
TechCrunch verified the contents of the database by downloading the app and signing up using a dummy email address. Within seconds, our real-time location appeared as precise coordinates in the database.
We contacted one app user at random who, albeit surprised and startled by the findings, confirmed to TechCrunch that the coordinates found under their record were accurate. The Florida-based user, who did not want to be named, said that the database was the location of their business. The user also confirmed that a family member listed in the app was their child, a student at a nearby high school.
Several other records we reviewed also included the real-time locations of parents and their children.
TechCrunch spent a week trying to contact the developer, React Apps, to no avail. The company’s website had no contact information — nor did its bare-bones privacy policy. The website had a privacy-enabled hidden WHOIS record, masking the owner’s email address. We even bought the company’s business records from the Australian Securities & Investments Commission, only to learn the company owner’s name — Sandip Mann Singh — but no contact information. We sent several messages through the company’s feedback form, but received no acknowledgement.
On Friday, we asked Microsoft, which hosted the database on its Azure cloud, to contact the developer. Hours later, the database was finally pulled offline.
It’s not known precisely how long the database was exposed for. Singh still hasn’t acknowledged the data leak.
New York Times:
A look at the battle between hacking tool vendors such as NSO Group and UAE-based DarkMatter as they compete for business from authoritarian governments — Sophisticated surveillance, once the domain of world powers, is increasingly available on the private market.
Stories from outside the 280/101 corridor