Monthly Archives: September 2021

Bolt CEO Markus Villig speaks on stage at the 2019 Web Summit technology conference in Lisbon, Portugal.

Horacio Villalobos | Corbis via Getty Images

Estonia's tech companies have been able to thrive in the absence of large multinationals like Facebook and Microsoft, the country's president told CNBC.

Home to just over a million people, Estonian founders have produced several tech firms with multibillion-dollar valuations. Skype, which was sold to eBay and then Microsoft, is the most well known, while others include recently listed currency exchange app Wise and mobility app Bolt, which is backed by Silicon Valley VC heavyweight Sequoia.

President Kersti Kaljulaid said that multinationals have traditionally set up their overseas headquarters in countries with generous tax systems, adding that Estonia has never been a tax haven.

Facebook, Google and Apple all employ thousands of people at their European headquarters in Ireland, where the corporation tax is 12.5%. In Estonia, it's 20%. The tech giants also employ thousands of staff across other European countries including the U.K. and Switzerland, but they don't have a significant presence in Estonia.

"Estonia is a country that has never offered special deals or special treatment to any kind of company," Kaljulaid said in an exclusive interview last week. "When I was advising the prime minister 20 years ago, everybody always came and asked what are your special conditions? We said none and I think it has served us right."

She added: "This probably, might be, one of the reasons why Estonia has so many home-bred start-ups from which you now see unicorns coming out more often."

Estonia has developed a reputation for being one of the most technology-friendly countries in the world, with the government moving many processes online well before other nations. It has embraced online voting and digital IDs, for example, and free Wi-Fi is widely found across the country.

Kaljulaid said the country's leaders want to make sure Estonia's legal space is safe but permissive for new technologies like the grocery delivery robots that have been built by Starship Technologies, which was set up by Skype co-founderJanus Friis.

Kaljulaid said the nation's entrepreneurs and coders have been educating politicians on the technologies that are poised to change the world.

For example, Skype co-founder Jaan Tallinn has been teaching her and others all about artificial intelligence.

"In Estonia, he [Tallinn] is well known as somebody who warns us and informs us," she said. "He's worried, but not unnecessarily."

Tallinn told CNBC that he has one major concern when it comes to AI.

"AI is still fairly domain specific and fragile," he said. "The one big concern I have is that countries will start applying more AI to a military context."

View post:

Estonian president says a lack of special conditions for tech giants has allowed local start-ups to thrive - CNBC

While the words startup and epiphany seem to go hand-in-hand nowadays, a pivotal moment of realization is not what inspired Adam Riggs to create Frameable and build out its suite of remote-first digital experiences, including its virtual and hybrid event platform, Social hour.

Many founder stories start with a magical aha! momenta sudden spark of inspiration an aspiring entrepreneur scribbles on a coffee shop napkin, he said. I dont have one of those.

What Riggs does have is an incredibly varied career that has led him to reflect on learnings from his many prior roles, including positions in the fast-paced world of derivatives trading, the first president and CFO Shutterstock, a member of Secretary of State John Kerrys staff and an investor in all kinds of companies.

During the past decade, every position and board seat Riggs held had one thing in common: lots of meetings.

Over the years, Ive come to believe that a lot is broken about how people typically collaborate, he said. The technology that makes it possible to meet through conference calls and video chats on its own certainly does not help people make the most of their time.

After his last formal role with the U.S. State Department, Riggs committed to creating better remote collaboration tools that put the humans who use them at the core, which eventually gave rise to Social hour.

We sat down with Riggs to get his take on what distinguishes Social hour from other platforms, the best ways to truly engage attendees and the evolution and future of the ever-changing virtual and hybrid event space.

Since the pandemic began, a plethora of virtual and hybrid event platforms have rushed to the market. What sets Social hour apart when it comes to helping clients produce standout trade shows, conferences and other events?

Our relentless, merciless focus on design, both graphic design and interaction design. It has to look beautiful, each feature has to work beautifully on its own and they also have to fit together in a way that is natural and effortless, easy to understand for the attendee and easy to set up and implement for the event planner.

Marketing can put eyes on your product, of course. But if the design falls short, if the users experience is frustrating, then companies that invest more in marketing than user experience will be pushed aside. This is happening now and will continue.

Specifically for trade shows and similar large-scale events, Social hour enables hosts and planners to create sponsored booths if they want to, fully brand and customize the event on several levels, list participants and user profiles for easy networking, let participants opt-in to exchange contact information and garner insights into the event with metrics and reports on attendance, popular table topics and engagement levels.

All these features are beautifully executed, but they are a means to an end: deliver the human connection. A virtual event needs to be more than 10 hours of video that attendees passively consume. It has to be elegant and at least partially interactive for everyone involved. Aside from breakout sessions, the benefit of in-person conferences is the ability to casually meet and network with industry colleagues in the lobby or grab a coffee while also meeting new, meaningful contacts before, during or after any programming.

No one goes to in-person events just for the content. They go for the human connection, and that is what has been lost. Were focused on bringing it back through great design and a well-thought-out user experience.

Whats the secret to cracking the engagement code for virtual events, and how are you helping your clients do it?

There are several ways to help keep your audiences drawn in and engaged during virtual events. Event planners can set up and provide live chat tools, dedicated messaging channels, small group video sessions and open video conferencing rooms where in-person and virtual attendees can hang out and connect before and after the event. Post-event landing pages or dedicated forums that allow all attendees to connect and interact are good ideas to boost engagement.

When you are planning a virtual conference or trade show, consider how you can use technology to re-create the in-person experiences that attendees find the most valuable (i.e., meeting and engaging with other people). Be sure you enable virtual attendees to interact with speakers, network with industry vendors and engage with industry colleagues.

What are some of the biggest client pain points that Social hour is successfully addressing?

Social hour integrates with numerous conference content delivery platforms to provide a variety of attendee engagement opportunities. The user experience is compelling and straightforward. The platforms fast, intuitive, customizable layout and breakout tables allow new networking and interaction sessions to be implemented on short notice and provide a very close feeling to an in-person experience.

One of the most important compliments we hear from people who have used other virtual event software as well as Social hour is that they love how easy it is to get up and running with Social hour. There is no need to work with a third-party tech vendor to plan, set up or run your event. From the finalized agreement through to the event day, we are available to help but at the same time, once you have run one or two events with us, its very easy to manage on your own.

Can you give us examples of some of your most successful and engaging virtual or hybrid events?

We recently partnered with TechChange, the Institute for Technology and Social Change, an online events and course provider for the social sector (government agencies, non-governmental organizations, academic institutions, etc.). The pandemic fueled an increase in virtual events, which accelerated demand for TechChanges services. Over the past year, TechChange scaled up its virtual event product offering and has hosted several dozen large-scale events (multi-day or 1,000-plus people often with high-level production).

They run an annual 10,000-plus person event called RightsCon, the worlds largest tech and human rights conference. They conducted approximately 100 Social hour sessions across a five-day schedule during this years event and used Social hour for additional focused networking rooms. RightsCons leadership said in the final plenary session of the event that their use of Social hour was the top-of-list highlight of the entire conference.

For the recent Society for International Developments Annual Conference, TechChange used Social hour to create something more like an expo hall with logos for different sponsoring organizations at the tables. When a presenter was speaking and doing a demo, the other people at their tables could talk with each other on video.

Do virtual and hybrid events have a future as the industry continues to move back to in-person?

Definitely. I think its a mistake to think well go back to the way things were before. The truth is that the future of events is hybridthat is, featuring a mix of in-person and virtual experiences to maximize the potential value and ease of access for attendees worldwide. Even if we could completely erase the larger concerns of COVID, many organizations have realized the benefits that come with running virtual and hybrid events in terms of cost savings, reach, increased sponsorships, etc. Further, attendees around the world have had an entirely new set of opportunities opened up for themwhy would you want to throw away this potentially huge revenue and engagement source?

Dont miss any event-related news: Sign up for our weekly e-newsletter HERE and engage with us on Twitter, Facebook, LinkedIn and Instagram!

Read the original post:

Tech Giants: Social hour's Adam Riggs on Elevating Human Connection and Engagement in the Virtual and Hybrid World - TSNN Trade Show News

Twitter CEO Jack Dorsey may have admitted that prohibiting circulation of a politically damaging New York Post story about then-candidate Joe Bidens son weeks before the 2020 election was a mistake, but the Federal Election Commission is here to make Twitters excuses for them.

The agency has determined, unanimously, that Twitters brazen actions did not constitute election interference.

Though acknowledging they have little expertise in the area of social media moderation and lack the institutional competence to manage such questions, the FECs commissioners held that Twitter was just following its established rules, not trying to influence voters. Twitter, the FEC declared, is a press entity with a First Amendment right to the content it promotes or suppresses, and thus exempt from FECs campaign finance regulations. As one FEC commissioner put it, Twitter is a publisher.

Labeling Twitter a press entity, or as a publisher, is a slippery twist for a company which regularly goes out of its way to claim it is neither. Moreover, if Twitter is truly a media company, like movie studios or The New York Post, then it is an incredibly privileged one. Thanks to Section 230 immunities, it is not subject to the same rules as the rest of the mere mortals in the media landscape. For one thing, its not liable for the insults, lies or libel posted on Twitter.

If the FECs ruling makes one thing clear, it is how insufficient our current legal architecture is for managing the role these social media companies play in our politics and beyond.

Far from being simple speech platforms, Twitter, Facebook, Google, Amazon, and Apple manage huge swaths of commerce, act as massive digital advertising firms, are now the primary areas of news and information gathering, and the market access point for millions of businesses.

Yet when confronted with legal responsibility in any of these areas, our porous legal framework allows the tech platforms to choose which hat suits them depending on the regulatory spat, only to shapeshift into something else to evade capture in a different forum. Twitter, today a publisher exempt from FEC regulation, will tomorrow be an interactive computer service or a mere conduit inscrutable and, no doubt, legally immune.

The laws which purportedly govern these tech platforms Section 230 and antitrust, in particular are, as currently constituted, inadequate to capture the full breadth of how these companies engage across sectors. Simply appealing to the existing legal framework as a means of checking the power these companies have amassed is a fools errand.

Congress must take these pre-Internet laws and update them for the post-Internet reality. This task becomes more urgent by the day.

Rachel Bovard is the senior director of policy at the Conservative Partnership Institute and the senior tech columnist for The Federalist.

Read the original post:

Our outdated laws are letting tech giants get away with everything - New York Post

19 September 2021, 15:57 | Updated: 19 September 2021, 16:05

Big technology firms have 'too much of a share of the market' and should be broken up, according to Maajid Nawaz.

The comments came after the news that Facebook have a 'white list' which exempts some 6 million users from the usual terms of service.

Read more: Maajid Nawaz scrutinises morals of tech industry amid Apple slavery row

Maajid Nawaz argued that these companies have too much influence over public discourse and should be broken up to prevent the potential to stifle public debate.

"I don't believe government should have more power to get tech companies to silence your political and scientific dissent," he clarified.

"I do think there is a problem with big tech. What do I think their problem is? They've gotten too big for their own boots they're too powerful," Maajid feared.

Read more: 'Authoritarian' fact-checkers misleading public on Covid studies, warns journalist

"What's the solution? Not online censorship, the solution is these companies need to be broken up."

Maajid went on to propose a "monopolies and mergers commission" to help break up tech companies, who, unless confronted, have "huge oligopoly potential."

Read more: Tech giants criticised over 'conspiracy theory' videos on Gaia streaming service

"They own too much of a share of the market because they kept buying out the competition," he pointed out.

He concluded by telling listeners that the solution is not further regulation: "The government's Online Harms Bill I worry will turn the problem into needing to censor speech more."

Read more:

Maajid Nawaz: Tech giants are 'too powerful' and must be broken up - LBC

Global tech giants and homegrown start-ups have set their sights deep into Indias impoverished farm economy. They believe the sector can offer opportunities worth billions at a time when the Modi government is wagering big on private investment to transform the countrys agriculture sector.

This technology thrust however runs parallel to year-long protests by farmers groups against a move to liberalise the agriculture sector through three federal laws. The farmers allege the laws will expose them to exploitation by big corporations and gradually wean them off long-standing state support. Nearly half the population depends on farm incomes.

The agriculture ministry last week signed a slew of agreements with tech firms, including with three American giants, to push a big-data project called Agristack, first reported by HT in 2018, when preliminary plans were afoot. Firms can now access the data of millions of farmers to develop high-tech solutions.

Some of the changes are historic. Amazon India has launched farm-input products on its platform. An algorithm-based hand device by Trimble Inc, an American firm, can instantly read soil nutrient levels.

Also Read | Survey shows farm incomes have risen

Bengaluru-based Crop-in Ltd offers an AI-based cloud-computing solution, which can remotely detect crop damage. Leveraging artificial intelligence, Agrograde, an Indian startup, is working on standardising quality in fresh produce by automating grading that can literally sort bad apples out.

On the ground, farming remains an occupation of drudgery and risks. A latest government survey says the share of farmers income from cultivation has been declining. Farmers receive less prices than they pay for their daily needs, known as terms of trade. Often, they sell below cost of cultivation.

We are excited to partner with government of Indias vision of empowering farmers with technology. The rapid penetration of smartphones and internet can help Indian agriculture experience a paradigm shift, said Amit Agarwal, the country head of Amazon India.

A recent research note from consultancy Bain and Company said agritech would create a value pool of $30-35 billion by 2025. Already, India stands third globally in terms of agritech startup funding, after Germany and the US.

Technology is critical in a country where farm incomes are low, about one-third of those of non-agricultural households.

Data show that in manufacturing, high-tech has spread fast, a process called technology diffusion. The-then World Bank president Jim Kim, in a 2016 speech, predicted so much that automation in non-farm sectors would threaten 69% of todays jobs in India.

The challenge in technology is that land holdings are so small that even using a tractor makes no sense in some farms, said former economist with Tamil Nadu Agricultural University, K Mani. Secondly, all Indian technologies are meant for irrigated lands only, he said.

Trimble Inc is tapping into a rental model for farmers to hire their farm equipment to make products affordable.

Last month, wholesale prices of tomato fell sharply to a nearly three-year low, as loss-making farmers in Maharashtra and Haryana dumped the produce or fed them to cattle.

Homegrown startups such as Arya.ag, a value-chain integrator, promises to solve these problems with artificial-intelligence-driven products such as Hermetic solution. This an on-demand warehousing option for locations where traditional warehousing is not available, CEO Prasanna Rao said.

Recent research by economist Ashok Gulati and his colleagues shows that governments have raised input subsidies over the years, which, in turn, have virtually turned the tap off for new public investment. This has had the effect of choking off agricultural growth, it said.

Over a 33-year period, public capital formation in agriculture, a measure of investments, including in technology, has declined from 3.9% of agricultural GDP in 1980-81 to 2.2% in 2014-15. However, input subsidies on fertilisers, power, water and crop insurance have shot up from 2.8% to 8% during this period.

For a true revolution, these technologies must affordable and be suitable for small-scale farmers, who make up 85% of our total farming community, said Kapil Regen, an economist with Comtrade.

Trimble Incs says it targets the top and middle of Indian farms. About 20-30% of large and medium farmers control 70-80% land and our initial target are those farmers, the firms managing director Rajan Aiyer had told HT on an earlier occasion.

See original here:

Big Tech forays into Indias impoverished farms. Will it help? - Hindustan Times

Sir Martin Sorrells three-year-old agency group S4 Capital has claimed it is growing at the pace of the tech giants, not the legacy agency sector, after reporting a 66% increase in net revenues in Q2.

Over the half-year period to June, net revenues were up 49% and the momentum continued into July, which was up 50%.

Sorrell upgraded S4 Capitals revenue forecast for the full year for the third time and now expects 40% growth for the whole of 2021.

S4 Capital conceded there are relatively easy comparisons with 2020 because that was the financial low point of the pandemic but pointed out: On a like-for-like basis the companys two-year stack for the first half of 2021 was up 75% (ie comparing 2021 with 2019 on a constant currency basis).

That increase shows S4 Capital is more of a proxy on the growth of the digital platforms, with Googles Q2 two-year revenue growth stack at 57% and Facebooks Advertising revenue Q2 two-year growth stack at 66%, rather than the adholdcos, which were generally flat.

By comparison, Interpublic, the best of the big six legacy agency groups, had a two-year revenue stack of 8% in Q2 and WPP, Sorrells old firm, was up 1.3%.

We have had a super-strong first half start to 2021, in line with the fast-growing digital platforms, Sorrell, the executive chairman, said. Even in comparison to 2019, we are up strongly, again more like the digital platforms. It is clear that the tragedy of Covid-19 has accelerated the speed of digital transformation and disruption at consumer, media and enterprise levels.

Sorrell founded his "new age, new era" digital marketing services firm in 2018 after his abrupt exit from WPP and S4 Capital published its stock market prospectus at the start of September 2018.

He timed these financial results to mark the third anniversary of the company.

The stock has more than quadrupled in three years, and the companys valuation has increased further to more than 4bn as the equity from the acquired companies has swelled the total number of shares.

S4 Capitals shares slipped around 3% following these results, which were roughly in line with analysts high expectations.

Analysts at Morgan Stanley said: The gap between S4's top-line growth and that of the traditional global ad agency holding companies significantly widened in the quarter vs 2020, reflecting both increased traction for S4's service offering with its clients and its technology focused client mix.

S4 Capital employed 5,751 people at the end of H1.

Original post:

S4 Capital 'growing in line' with tech giants as it upgrades forecasts for third time - Campaign US

MOSCOW, September 15. /TASS/. Silicon Valley-based Big Tech companies will corroborate their involvement in meddling in Russias State Duma elections, if they fail to participate in a meeting of the Federation Councils Commission on Protecting State Sovereignty and Preventing Interference in the Domestic Affairs of the Russian Federation, Foreign Ministry Spokeswoman Maria Zakharova stated on TV Wednesday.

"Will representatives of US companies show up, or wont they? If they dont, it would amount to automatically admitting their involvement in these processes. And if they do, we will listen to their explanations, because we have a lot of questions," she emphasized.

On Wednesday, Andrey Klimov, who heads the committee, told TASS that Google and Apple representatives were invited to the meeting because the legislators had a number of questions for them.

On September 10, US Ambassador John Sullivan was summoned to the Foreign Ministry, where he met with Deputy Foreign Minister Sergey Ryabkov. According to the ministry, the Russian senior diplomat presented evidence of the US tech giants having violated Russian law ahead of the upcoming elections.

Read more from the original source:

Diplomat: If US tech giants fail to show up at upper house, its an admission of meddling - TASS

At the end of this week several new orders from Russias federal censor (Roskomnadzor or RKN) will come into force. These orders were adopted in connection with the new law on landing foreign tech companies. In particular, one of these documents outlines how websites belonging to foreign entities that are recognized as violators of Russian law should be labeled on search engine results pages. Another one establishes a procedure for removing the links to these sites from search results altogether.

2

This law requires foreign companies with large Russian Internet audiences to open representative offices in Russia, add a feedback form to their websites (specifically, for receiving messages from Russian citizens), comply with local requirements, prohibitions, and restrictions, and respond to notices from Roskomnadzor.

In the press release announcing the adoption of the bill, the Russian State Duma referred to it as the law on landing IT giants (zakon o prizemlenii IT-gigantov, in Russian). Lawmakers adopted the legislation in the summer of 2021 without much fanfare. It has essentially entered into force already.

3

Contrary to the nickname given to the law, it doesnt just target gigantic online platforms. A website, information system, or program that is used by more than half a million Russian citizens daily can qualify as an IT giant. But to fall under the new legislation, it must be owned by a foreign entity that is, a foreign organization, foreign citizen, or stateless person.

In addition, the website should meet at least one of these four conditions:

RKN will come up with this list of IT giants and is allowed to include any foreign hosting providers, advertising systems operators, and organizers of information distribution (an umbrella term used by the Russian authorities that encompasses messengers, social networks, blogs, and online forums).

Roskomnadzor will maintain a list of all of these resources on the website 236-fz.rkn.gov.ru it isnt live yet.

4

In many different ways. RKN can send an official request to the foreign entity asking for information about the size of their daily audience. Alternatively, Russian officials can reach an agreement on the addition of a user counter on a given website. Finally, theres the most convenient option: the authorities have the right to use publicly available information. The law doesnt specify exactly what this means, so Roskomnadzor can effectively use anything they want to assess the size of a platforms audience.

5

Roskomnadzor can use one or more of the following enforcement measures spelled out in the law to get foreign companies to cooperate:

6

This involves a disclaimer that will accompany the results pulled up by search engines. If a user looks up a website thats failing to meet Roskomnadzors requirements, theyll see a special label that says, The foreign entity that owns [this] information resource is a violator of the legislation of the Russian Federation. Moreover, it isnt even necessary for this decision to come from a court: RKN officials will be able to decide for themselves whos in violation of the law and who isnt.

Roskomnadzors employees will also decide whether to block search results for a particular website altogether or limit themselves to slapping it with a disclaimer.

7

All of the major ones that make money from showing ads to Russian users will like Yandex and Google, for example. At the same time, theres reason to believe that some search engines will ignore Roskomnadzors orders. For example, Google stubbornly refuses to remove search results for Alexey Navalnys website, despite the demands of the Russian authorities.

8

Only if theyre deemed violators of Russian law and Roskomnadzor explicitly prohibits placing ads there. If advertisements are published regardless, RKN will file a complaint against the advertizer with the Federal Antimonopoly Service, which, in turn, may bring the perpetrator up on misdemeanor charges.

9

If Roskomnadzor decides to use this particular enforcement measure against a violator, the agency will add the websites owner and their foreign payment service provider of choice to two additional public lists. Russian banks will be obliged to check these blacklists and refuse to make payments to anyone included on them. This means that the website could be deprived of not only its advertising revenue, but also, for example, of revenue from crowdfunding campaigns.

10

Yes, but not right away and not in all cases. A company that refuses to open a Russian representative office or add a feedback form to its website has one month before Roskomnadzor has the right to throttle or block its website.

If a company opens a representative office in Russia and puts up a feedback form, but fails to remove some offending information from its website, Roskomnadzor has the right to apply all restrictive measures except for slowing down traffic or blocking access to the site completely.

11

In all likelihood they can.

Roskomnadzor isnt the only government agency that can block websites in Russia and no one is stopping other agencies from doing this. For example, the Attorney Generals Office can demand that any website be blocked for allegedly inciting extremist activities or mass disturbances, as well as for disseminating fake news.

In addition, the authorities can still block online resources through the courts. All it takes is a lawsuit from a cyber prosecutor (state prosecutors involved in monitoring the IT sector) on blocking a website with prohibited content. Russian judges satisfy these claims willingly.

The law on landing foreign tech companies also empowers RKN to block websites in other cases stipulated by federal laws.

We wont give up Because youre with us

Explainer by Denis Dmitriev

Special thanks to Mass Media Defense Center director Galina Arapova for her help in preparing this article

Translation by Eilish Hart

Go here to see the original:

Russia has a new law aimed at increasing control over foreign tech giants. Here's what you need to know. Meduza - Meduza

American companies, whether they mean to or not, are facilitating global cyberespionage, far away from U.S. borders.

Earlier this year, researchers at Russian cybersecurity firm Kaspersky witnessed a cyberespionage campaign targeting Microsoft Windows PCs at government and telecom entities in China and Pakistan. They began in June 2020 and continued through to April 2021. What piqued the researchers interest was the hacking software used by the digital spies, whom Kaspersky had dubbed Bitter APT, a pseudonym for an unspecified government agency. Aspects of the code looked like some the Moscow antivirus provider had previously seen and attributed to a company it gave the cryptonym Moses.

Moses, said Kaspersky, was a mysterious provider of hacking tech known as a zero-day exploit broker. Such companies operate in a niche market within the $130 billion overall cybersecurity industry, creating softwarean exploitthat can hack into computers via unpatched vulnerabilities known as zero days (the term coming from the fact that developers have zero days to fix the problem before its publicly known). They act like super-powered lockpicks, finding loopholes in operating systems or apps to allow a hacker or spy to break into targets digital lives. So rare are such exploits, they can fetch upwards of $2 million each. Buyers wielding them have the power to either protect themselves from those who might have knowledge of the relevant zero day, or to inflict massive damage on others. For instance, attackers used at least one zero in an infamous 2020 attack on $2.5 billion market cap software provider SolarWinds and many of its customersfrom U.S. government departments to tech giants like Cisco and Microsoft. The attacks cost SolarWinds at least $18 million, with warnings that the overall figure, counting the cost for SolarWinds customers who were also compromised, could get into the tens of billions.

Sometimes American companies arent the victims, but the ones fueling costly digital espionage. Moses real identity, Forbes has learned, is an Austin, Texas, company called Exodus Intelligence, according to two sources with knowledge of the Kaspersky research. And Bitter APT, the Moses customer, is India, added one source.

Little known outside of the cybersecurity and intelligence worlds, over the last ten years, Exodus has made a name for itself with a Time magazine cover story and the leak of a tool that law enforcement used to hack the anonymizing browser Tor to ensnare child predators. It also claims partnerships with the Defense Departments research agency Darpa and major tech firms like Cisco and Fortinet, a $2.6 billion (2020 sales) cybersecurity outfit. Theyre significant because the size of the market is relatively small, and the skill set required [to find zero days] is in possession of just a few thousand people worldwide at any given time, says Katie Moussouris, founder of Luta Security and creator of Microsofts bug bounty program to reward hackers for vulnerability disclosures.

Exodus, when asked by Five Eyes countries (an alliance of intelligence-sharing countries that includes the U.S., U.K., Canada, Australia, and New Zealand) or their allies, will provide both information on a zero-day vulnerability and the software required to exploit it. But its main product is akin to a Facebook news feed of software vulnerabilities, sans exploits, for up to $250,000 a year. Its marketed primarily as a tool for defenders, but customers can do what they want with the information on those Exodus zero daysones that typically cover the most popular operating systems, from Windows to Googles Android and Apples iOS.

That feed is what India bought and likely weaponized, says 37-year-old Exodus CEO and cofounder Logan Brown. He tells Forbes that, after an investigation, he believes India handpicked one of the Windows vulnerabilities from the feedallowing deep access to Microsofts operating systemand Indian government personnel or a contractor adapted it for malicious means. India was subsequently cut off from buying new zero-day research from his company in April, says Brown, and it has worked with Microsoft to patch the vulnerabilities. The Indian use of his companys research was beyond the pale, though Exodus doesnt limit what customers do with its findings, Brown says, adding, You can use it offensively if you want, but not if youre going to be . . . shotgun blasting Pakistan and China. I don't want any part of that. (The Indian embassy in London hadnt responded to requests for comment.)

The company also looked at a second vulnerability Kaspersky had attributed to Moses, another flaw that allowed a hacker to get higher privileges on a Windows computer. It was not linked to any particular espionage campaign, but Brown confirms it was one of his companys, adding that it would make sense that India or one of its contractors had weaponized that vulnerability, too.

Brown is also now exploring whether or not its code has been leaked or abused by others. Beyond the two zero days already abused, according to Kaspersky, at least six vulnerabilities made by Moses have made it out into the wild in the last two years. Also according to Kaspersky, another hacking crew known as DarkHotelbelieved by some cybersecurity researchers to be sponsored by South Koreahas used Moses zero days. South Korea is not a customer of Exodus. We are pretty sure India leaked some of our research, Brown says. We cut them off and havent heard anything since then . . . so the assumption is that we were correct.

I would not be involved in this company at all if we were, for example, working with the Saudis.

Any such zero-day spill would be especially concerning coming from a company that tries to keep a lid on around 50 zero days a year, covering the worlds most popular operating systems, from Windows to Android to Apples iOS. And Brown isnt alone in seeing his creation used in ways he didnt intend. Luca Todesco, an Italian zero-day developer and a Forbes 30 Under 30 alum, tweeted last year about the worst outcome I could see from doing my line of work after seeing iPhone hacks used for surveillance of the Uyghur community, a minority persecuted by the Chinese government. After Google researchers detailed hacks of iPhones belonging to members of the Uyghur community, Todesco realized that one of the techniques detailed by the tech giant looked a lot like something he had developed and shared with Chinese contacts. In direct messages over Twitter, Todesco denied that hed ever sold any code that ended up in the attacks, but said hed been openly sharing his findings with multiple, unnamed individuals. He claimed he didnt know how or why his code ended up being used in attacks on the Uighur community, but added, I would have avoided sharing had I known. He continues to develop exploits as part of a new Italian company he cofounded, Dataflow Security.

Aaron Portnoy, former cofounder of Exodus Intelligence, now works on more defensive technologies. His old company is now investigating whether its hacking tools leaked.

That kind of abuse is what Aaron Portnoy, a 36-year-old former executive and cofounder of Exodus with Brown, has worried about of late. Portnoy spent a decade making hacking software that could bypass security made by the biggest companies in the worldApple, Google, Microsoft. When Portnoy left Exodus in 2015 he went on to work for defense giant Raytheon and an electronic warfare startup based in San Diego called Boldend. But today, the 36-year-old self-taught hacker, who dropped out of Northwestern to carve his own career in cybersecurity, worries that he never knew who had access to his code or how they used it. He now regrets relinquishing control over his zero days to salespeople. It's almost like I was being taken advantage of . . . It felt very much like I was a tool that was being used for a bigger purpose that I really had no insight into, says Portnoy, now plying his trade at Randori, a Massachusetts-based cybersecurity firm. I dont know that I would trust any given administration to be making all the choices that I would make.

But Exodus was right to cut off India, says Moussouris, and more onus should be on the buyers when it comes to preventing abuse. Brown says hes only ever had to cut off one other customer, a French police agency, after an Exodus hack it used to target dark web child predators was exposed. Anytime our data becomes accessible to the public, especially malicious actors, it is a breach of contract, Brown adds. Pedram Amini, an Exodus advisor and founder of the Zero Day Initiative, where Brown, Portnoy and another Exodus cofounder once worked, says the companys record of cutting ties with just two customers over a decade is impressive. Amini adds that hes happy with the tightrope Exodus was walking when vetting customers. I would not be involved in this company at all if we were, for example, working with the Saudis.

Allegations that NSO Group software was exploiting iPhones of activists, journalists and politicians across the world has led to heightened awareness and alarm about cross-border phone and PC surveillance.

Knowing that its zero days can be used offensively, Browns company could have chosen not to sell to India, a country thats been accused of abuse of spyware in recent revelations about global use of tools made by Israels $1 billion-valued NSO Group. Earlier this year, a coalition of newspapers and nonprofits called the Pegasus Project alleged that phones of the leader of the opposition Indian National Congress party, Rahul Gandhi, and some of his close associates had been targeted, leading to claims of treason against Prime Minister Narendra Modis government. (The government denied that any unauthorized use of spyware had occurred.) In 2019, Facebook-owned WhatsApp said Indian journalists and activists had been targeted with NSOs iPhone surveillance software. Selling technology that can be used for offensive purposes to the Indian government, you're going to get into a situation where you may be fueling that kind of abuse, says John Scott-Railton, senior researcher at Citizen Lab at the University of Torontos Munk School. Similarly, Todesco couldve opted to keep his findings secret rather than share them with Chinese contacts.

Earlier this year, Microsoft president Brad Smith warned about the dangers posed by the global spyware industry, calling out NSO by name. He said industry vendors were handing even more capability to the leading nation-state attackers and exacerbating cyberattack proliferation to other governments that have the money but not the people to create their own weapons. With Exodus in India, there are concerns Americans are making things even worse. Forbes revealed earlier this year that Battery, a Boston-based venture capital firm, had quietly helped launch an NSO competitor, Paragon. Earlier this month, the Justice Department revealed two American companies sold iPhone hacking softwareeach tool costing $1.3 millionto a contractor in the U.A.E. that was carrying out spy operations for the Emirates. According to Reuters, those iOS exploits were used on hundreds of targets, including the Emir of Qatar and a Nobel Peace laureate human-rights activist in Yemen. We need to understand what role the U.S. private offensive market is playing in fueling . . . problematic things around the world, adds Scott-Railton.

With the supply there, American government is hungry for hacks of all kinds of technologies. Earlier this year, two FBI agents were shot and killed by a pedophile suspect in Florida earlier this yearmurders facilitated by a doorbell camera that alerted the shooter to the presence of law enforcement. Brown says that after those murders, the FBI reached out to the likes of Exodus saying it wanted better monitoring capabilities for devices like home cameras. Since many agency workers have returned to the office this summer with the post-Covid reopening, Brown adds, demand has spiked, especially for smartphone surveillance tools. Everybody is just mobile, mobile, mobile.

Follow this link:

Exclusive: An American Company Fears Its Windows Hacks Helped India Spy On China And Pakistan - Forbes

Two controversial tech companies have teamed up for the first time, with Deliveroo announcing Amazon Prime members will receive free delivery on food orders for a year.

Prime members in the UK and Ireland will be able to claim a free Deliveroo Plus membership, scrapping courier fees on meals over 25.

The deal equates to Deliveroo Plus silver, which costs 3.49 per month. Customers signed up to Amazon Prime, which includes a streaming service for TV and film, pay 7.99 per month.

Deliveroo, which, like Amazon, has come under fire over claims of poor pay and working conditions, said the move combines two giants of the delivery industry.

Amazon has more than 200 million paying members around the world, while Deliveroo now works with 50,000 restaurants in the UK alone, according to the platform.

The company said the new offer is expected to attract new highly engaged and digitally savvy customers and increase the loyalty of its existing 3.9 million UK monthly users.

Carlo Mocci, the chief business officer for Deliveroo in the UK and Ireland, said: Amazon is one of the most customer-focused and innovative companies in the world and we are excited to launch this offer for Prime members.

Amazons Lisa Leung Director added: We are excited about this offer with Deliveroo so millions of Prime members in the UK and Ireland can get the convenience of great meals delivered fast.

View original post here:

Tech giants Amazon and Deliveroo team up to give Prime customers free delivery on food - iNews