19
Technology
Apple has released an open-source version of the HomeKit Accessory Development Kit. You can now fork it on GitHub and play around with it to integrate smart home devices in the Home app and beyond.
Todaynews is related to the Connected Home over IP effort, an industry-wide effort to build an open-source standard for the internet of things. Essentially, Apple, Amazon, Google, the Zigbee Alliance and smart home manufacturers want to work together so that accessories work everywhere.
HomeKit is lagging behind, although Apple arrived early in the connected home space. A ton of accessories now work with Amazon Alexa and Google Assistant, but you can control very few accessories with Siri, as HomeKit adoption has been slow.
By open-sourcing HomeKit, Apple hopes that more smart home manufacturers will try to integrate HomeKit in their prototypes. Everything has been released under the Apache 2.0 license.
As Next INpact noticed, if you want to release a HomeKit-compatible accessory, you still have to work with Apple to get a certification. And of course, manufacturers that work with Apple directly could potentially access unreleased features before they&re unveiled at WWDC.
Developers have already reverse-engineered HomeKit to add HomeKit compatibility to more devices with the Homebridge project. Now letsee if it leads to more cool projects to make it easier to control your connected objects from your iPhone, iPad and other Apple devices.
- Details
- Category: Technology
Read more: Anybody can now make HomeKit accessories
Write comment (95 Comments)A security researcher has found on the dark web 1,562 unique email addresses and passwords associated with Ring doorbell passwords.
The list of passwords was uploaded on Tuesday to an anonymous dark web text-sharing site, commonly used to share stolen passwords and illicit materials. A security researcher found the cache of email addresses and passwords, which can be used to log in to and access the cameras, as well as their time zone and the doorbelllocation, such as &driveway& or &front door.&
The researcher reported the findings to Amazon — which owns the Ring brand — but Amazon asked that the researcher not discuss their findings publicly.
At the time of writing, the dark web listing is still accessible.
Itthe second reported leak of Ring credentials today. Earlier on Thursday, BuzzFeed News reported that a similar cache of data on more than 3,600 Ring doorbells was posted online. The data appears to be a similar-looking data set to that which BuzzFeed obtained. Anyone with a working email address and password can log into a Ring account and obtain the Ring customeraddress, phone number and some payment information. The credentials also give the user access to the Ring devices in that home, including access to historical video data if the setting is enabled.
Itnot known how the data was exposed.
The dark web listing (Image: TechCrunch)
TechCrunch contacted a dozen individuals whose information was found on the dark web listing. We provided each person with their password. Of those who responded, all confirmed that it was their password.
On our advice, all changed their passwords, and some enabled two-factor authentication on their accounts.
Nearly all of the passwords we reviewed were relatively simple and potentially easy to guess. Itpossible that the passwords were obtained by password spraying, a technique hackers use to guess passwords, or credential stuffing, where hackers take existing sets of exposed or breached usernames and passwords matched against different websites to access accounts.
Ring spokesperson Yassi Shahmiri did not respond to a request for comment prior to publication but in an email after we posted denied a data breach.
&We&ve notified customers whose accounts we have identified as exposed and have reset their passwords. In addition, we are continuing to monitor for and block potentially unauthorized login attempts into Ring accounts,& the spokesperson said.
However, of those we spoke to none had been contacted by Ring — contrary to the companyclaim.
Itthe latest security lapse involving Ring security cameras in the past week. News reports emerged last week of how hackers were breaking into Ring cameras around the U.S. Some crime forums are sharing tools to break into Ring accounts. Then earlier this week, Motherboard confirmed that Ring cameras have shoddy security measures — such as not telling users when other people log in, when the cameras are being actively watched and by using a weak form of two-factor authentication. Ring put much of the blame on the users for not using &best practices.& But others panned the response for failing to put in &basic security measures& to protect users.
Ring has also come under fire by lawmakers for its close relationship with law enforcement agencies around the U.S.
Itnot known how many sets of exposed Ring account credentials are floating around the dark web. Users should protect their accounts with strong, unique passwords and enable two-factor authentication.
Updated with comment from Ring.
- Details
- Category: Technology
Read more: Over 1,500 Ring passwords have been found on the dark web
Write comment (94 Comments)
Your expanding global business is leaving money on the table if its systems aren&t compatible with web addresses that have extensions such as .世界 or .ОНЛАЙН (.world and .online in Chinese and Russian, respectively). This missed opportunity has been growing for some time; a 2017 study concluded that an ecommerce market worth nearly $10 billion dollars annually is up for grabs — and that is a conservative estimate.
To understand why, consider these two facts:
First, the version of the Latin alphabet you are reading now is used by just more than a third of the world population. That number is dwarfed by the billions of people who read and write every day in Chinese, Arabic, Cyrillic, Devanagari or other scripts. These are being used in regions where population growth, economic growth and internet adoption all outpace global averages.
Second, recent innovations in how we navigate the internet have made domain names in diverse alphabets available to the majority of the world who use them. In 2012, there were only 22 so-called generic domain names (with familiar extensions like .com or .edu). That number now stands at more than 1,500. Such innovation effectively brings an end to the era in which, say, a Japanese web surfer needs to toggle their keyboard to type a &www& or &.com,& because the entire domain name can now be written in Japanese.
This change is a big deal across rapidly growing markets worldwide, but particularly in Asia, where multilingualism is not widespread and new users on smartphones are key drivers of digital and economic growth. Even today, only a tiny percentage of all web addresses are expressed in Chinese characters, though Mandarin Chinese speakers make up nearly one-fifth of the worldinternet user population.
Even more relevant for the next wave of online consumers is that along with new domain names come email addresses in different scripts. A growing online population is using these addresses to sign up for services or sign into platforms.
This is why smart, global companies — and companies with global aspirations — are taking action to eliminate a major blind spot. Many software developers and corporate leaders reside in the English speaking or &Latin alphabet& parts of the world and the internet works pretty smoothly for them; therefore, they have not taken the important step of upgrading their software applications to accept all domain names equally. This step is a best practice referred to as &Universal Acceptance& of domain names and email addresses.
When systems are not Universal Acceptance ready, people using domain names or email addresses in different scripts cannot successfully use these systems, because the domain names and email addresses are not recognized as &valid.& This means lost business opportunities. Code libraries already exist in programming languages like Java and Python, often making this task the equivalent of a &bug fix;& however, it is a fix with huge implications.
To get a sense of the importance of Universal Acceptance, consider India. It has one of the fastest growing internet user populations on the planet and provides an illuminating case study.
As fast as internet adoption may be in India, in rural India it is faster still. The internet user base in India recently exceeded 500 million and is likely to reach 627 million by 2020. Two-fifths of users are located in rural areas. Consider also that India has 22 official languages and most users are on mobile devices.
In the Indian state of Rajasthan, the state government recently offered each of its 69 million residents free email addresses in both Hindi and English, while directing online public services to be Universal Acceptance ready (i.e. 100% available in Hindi). This required an intensive, 30-day push by developers to be compliant, and now residents can use their same Hindi email addresses to access an array of online platforms and services. Are some of these residents of Rajastan your future customers?
Microsoft is among the companies in the forefront of such compatibility. Last year it announced Email Address Internationalization (EAI) across most of its email platforms in an impressive 15 languages spoken across India. As Meetul Patel, COO of Microsoft India said:
&Ensuring that language is not a barrier to the adoption of technology is key for digital inclusion and growth. Making email addresses available in 15 languages is an exciting step to making modern communications and collaboration tools more accessible and easier to use for all & something we have been relentlessly working towards. We&re making technology use the language of people, and not requiring people to first learn the traditional language of technology.&
Despite such advantages, there is still a lot of work ahead. A recent review of the top 1,000 websites around the world found that only about five percent accepted all of the email address variations now in use.
Bringing systems up to date with Universal Acceptance is an easy way to make the internet more accessible for the billions of people whose languages are written in different scripts, making it a treasured cause of digital inclusion advocates. However, for any business seeking new global markets, it is a key competitive differentiator in an era of global online platforms, from direct e-commerce to the sharing economy. This is one first-mover advantage that may be worth billions.
- Details
- Category: Technology
Read more: Universal Acceptance is the first-mover advantage that may be worth billions
Write comment (90 Comments)Hello and welcome back to our regular morning look at private companies, public markets and the grey space in between.
Today, we&re digging into a host of data concerning the East Coast venture capital scene, specifically looking into the performance of its two key startup markets.
It12 degrees Fahrenheit as I write this in my office situated between Boston and New York City — a perfect vantage point for studying these vibrant tech ecosystems. Letsee what the data tells us.
The information we&re examining today comes from White Star Capital (often via CBInsights), a venture capital firm that describes itself as &transatlantic& and takes part in seed, Series A and Series B rounds around the globe. The group last raised a $180 million fund that TechCrunch covered here, noting at the time that capital pool was &oversubscribed from an initial target of $140 million& and would be invested into &around 20 new companies from the new fund, writing opening cheques of between $1 million and $6 million.&
With boots on the ground in New York, White Star cares about the East Coast, so the fundput dossier on the region isn&t unexpected. What it includes, however, is.
We&ll start with NYC and its surprising 2019 before turning to Boston, digging into its super-giant venture totals and hearing from Founder CollectiveEric Paley on the state of things in urban Massachusetts.
New York City
White Starreport details record-breaking figures for NYCcurrent year. Off of effectively flat deal volume (New York City sees around 775 venture deals per year at the moment, or a little more than two per day), the overgrown town should set record venture dollar volume in 2019.
Observe the following, astounding chart detailing the abnormality of 2019 from a comparative venture dollar perspective:
By smashing 2017local maximum, 2019 appears set to crush the cityrecord — and rich — venture investment totals. The graphic also manages to point out (somewhat embarrassingly) that Gotham will manage to best a number of European countries& aggregate venture dollar investments by itself this year.
Thatis a useful bit of context as in the United States, New York City is always Number Two to Silicon Valley. But, this chart argues, being number two in the number-one market is still a hell of a lot of capital.
Putting New York Cityventure into even sharper comparative perspective, observe the following table:
- Details
- Category: Technology
Read more: Despite winter’s chill, the Northeast’s tech ecosystem is white-hot
Write comment (94 Comments)MeWe, the subscription-based social network that emphasizes privacy and bills itself as the anti-Facebook, is launching a premium tier of its service and spinning up a business-focused product to take on enterprise networking and communication tools like Slack.
Founded by Mark Weinstein, a gregarious serial entrepreneur who credits himself with being an early developer of the social media concept, MeWe has amassed several million users in its drive to be the alternative to Facebook.
Launching after Ello, Weinstein says the challenges he witnessed that company going through provided some invaluable lessons for how he wanted to build out his own challenge to Facebooksocial media dominance.
&We were engineering when Ello had their shot at the moon and then crashed back to earth. They may have motivated 21 million people, but their servers couldn&t handle it, they were desktop only and the project was too soon,& Weinstein said.
The company operates under a freemium model, where its newsfeed, custom camera, ephemeral content, 8 gigs of storage, life voice and video and custom stickers are all free. Businesses can pay for additional features for $1.99 per month.
&Social media wasn&t invented for surveillance capitalism,& says Weinstein. And while MeWe is relatively permissive when it comes to speech, Weinstein says it has rules around posting hate speech, inciting violence and bullying. That said, &we&re not going to censor you because you&re talking about a political view we do or don&t agree with.&
Alongside the premium MeWe product for social networking, the company is also launching a separate business line for enterprise collaboration.
Weinstein says there are already several thousand users on the enterprise toolkit, which is out of beta and includes end-to-end encrypted chat, integrations with Windows 360 and features for tagging, polls, a custom camera and voice and video conferencing embedded in its suite of services.
MeWepremium tier will cost $4.99 per month and the companyprofessional service has a two-tiered approach, with a $3.99 and $7.99 price point.
- Details
- Category: Technology
Read more: Subscription-based social network MeWe launches premium features and a business product
Write comment (96 Comments)Google seems to be shopping for game studios as it courts consumer interest for its Stadia game-streaming platform, announcing Thursday that they had acquired Montreal-based Typhoon Studios.
The young studio with 26 employees hasn&t released its first title yet, after being founded nearly three years ago, but their upcoming game &Journey to the Savage Planet& will be released in late January. The title is being developed for &multiple platforms,& so for those looking forward to the title, it seems it will not be morphing into a Stadia exclusive at the last second.
A screenshot from the studioupcoming title
The studio will be joining a Stadia team in Canada led by former Ubisoft exec Sébastien Puel.
Google has been pretty vocal about its internal development efforts, including Stadia Studios led by former EA exec Jade Raymond. In an interview with Gamesindustry.biz, the exec detailed that Google was hoping to build out multiple first-party studios to release content on the platform.
&We have a plan that includes building out a few different first-party studios, and also building up the publishing org to ship exclusive content created by indie devs and other external partners,& Raymond told the publication.
- Details
- Category: Technology
Read more: Google buys game developer Typhoon Studios
Write comment (96 Comments)Page 82 of 5614