A week ago news broke that the FBI had drafted a resolution for Interpol to release condemning the use of strong encryption. Ultimately the resolution was not passed, with Interpol contacting Nicole Perloth with the New York Times to deny the resolution was ever under consideration.
“There is no doubt the resolution was drafted, with both Reuters and Ars Technica having seen a copy of it. The only question is whether Reuters’ sources about Interpol’s intentions were incorrect, or whether Interpol is attempting to backpedal after the news broke.”
In an update by Reuters, it appears Interpol was backpedaling.
“The international police organization Interpol put off plans to condemn the spread of strong encryption after objections by tech companies and civil liberties advocates, according to two people familiar with the matter.
“After the Reuters article appeared, Facebook and others complained that strong encryption also deters criminal hacking and surveillance of peaceful political activists by repressive regimes, the people said.
“Conference organizers told some who had attended that they were surprised by the feedback and delayed putting out a statement while they reconsidered, those people said.”
Interpol is still denying there was ever any plans to release the statement and the agency did not return Reuters’ request for comments.
If Reuters’ sources are correct, it is reassuring Interpol was willing to hold off in response to feedback and criticism of the proposal. At the same time, it’s still disconcerting the agency was surprised by the pushback and shows how little understood the privacy issue is—even by those who should understand it best.
In a case of “what are they thinking,” the California DMV has admitted that it sells drivers’ information to the tune of $50 million a year, according to an investigation by Motherboard. Motherboard used a public record acts request to find out how much the California DMV was being paid by companies for driver data, as well as who was buying it.
“The responsive document shows the total revenue in financial year 2013/14 as $41,562,735, before steadily climbing to $52,048,236 in the financial year 2017/18.
“The document doesn’t name the commercial requesters, but some specific companies appeared frequently in Motherboard’s earlier investigation that looked at DMVs across the country. They included data broker LexisNexis and consumer credit reporting agency Experian. Motherboard also found DMVs sold information to private investigators, including those who are hired to find out if a spouse is cheating. It is unclear if the California DMV has recently sold data to these sorts of entities.
“In an email to Motherboard, the California DMV said that requesters may also include insurance companies, vehicle manufacturers, and prospective employers.”
A spokesman for the DMV said that the money goes toward public and highway safety, “including availability of insurance, risk assessment, vehicle safety recalls, traffic studies, emissions research, background checks, and for pre- and existing employment purposes.”
The DMV also said that any sale is in harmony with current legislation, and that it conducts regular reviews to make sure it sells data only to authorized entities.
While it’s common practice for DMVs to sell driver information, California has made a name for itself as a more privacy-conscious state than most. For it to be profiting from private data is not a good look, and will likely be met with protest as it becomes more widely known.
Zak Doffman at Forbes is reporting on a newly discovered vulnerability in the Truecaller app that puts 150 million iOS and Android users at risk.
Truecaller is one of the premier caller ID apps, identifying unknown calls from mobile, landline and prepaid phones. It also provides the ability to block numbers and auto-block robocalls and telemarketers. The app also offers VoIP calling, call recording, SMS and group chat, as well banking and payments.
Truecaller just recently passed the 500 million download mark, with 150 million daily users. Of those, 100 million are in India, where the app has surpassed Facebook in popularity. According to the company’s blog, “every tenth active user in India has linked their bank account to Truecaller Pay.” The app’s popularity, not to mention the breadth of services offered, makes the vulnerability even more concerning since it is a flaw in the Truecaller API.
According to Mr. Doffman, “India-based researcher Ehraz Ahmed discovered the flaw, disclosing it to local media and the company and waiting for a fix before going public. He explained to me that ‘the flaw allows an attacker to inject his malicious link as the profile URL. The user viewing the attacker’s profile by search or through a popup gets exploited.’ Ahmed has said the flaw could be used to mount serious attacks on target machines, although this was not the scope of the proof of concept and has been played down by the company.
“What Ahmed did manage through his POC was ‘to fetch a user’s information like IP address, User-Agent, and time. The user visiting the profile would not notice this as it all happens in the background, and for the user, it would look like any other profile.’ With the now-patched flaw impacting Truecaller’s API, it is a potential threat to all apps and platforms.”
Mr. Ahmed worked with Truecaller to identify the bug and a patch was immediately released. Because the issue was with the app’s API, the company was able to patch the flaw on their end, although all users should update to the latest version to be on the safe side.
As more and more apps offer services that cross a range of industries, such as communication and banking, flaws like this will represent a much greater threat to users.
OnePlus is reporting the second breach of customer data in as many years. A member of the security team informed customers of the breach on the company’s support forums.
According to the statement, some “users’ order information was accessed by an unauthorized party. We can confirm that all payment information, passwords and accounts are safe, but certain users’ name, contact number, email and shipping address may have been exposed. Impacted users may receive spam and phishing emails as a result of this incident.”
OnePlus says immediate action was taken to stop the intrusion and shore up security, but questions remain. In a related FAQ, the company says the breach occurred last week, but there is no explanation as to why it took a week to make an announcement. Similarly, the company does not definitively say where the breach occurred, although the wording of the announcement and the FAQ seem to indicate it happened via their website rather than through a flaw in their phones. Perhaps most significantly, OnePlus did not return requests by The Verge for information on exactly how many users were impacted.
The company did say that affected users were notified before the public announcement. If customers have not received any notification, it’s a safe bet their information was not part of the breach.
VentureBeat is reporting that Tel Aviv and New York-based cybersecurity firm Firedome has raised an additional $10 million in funding, bringing their total to $14.5 million.
The new round of investment will help the company continue development of its cybersecurity suite aimed at protecting Internet of Things (IoT) devices from hackers, malware, ransomware, denial of service attacks and other threats. A lightweight software agent is installed on IoT devices and continuously monitors them using heuristic, reputation and signature-based methods. In addition, the software uses a cloud-based AI to monitor network traffic and quickly respond to attacks.
CEO and cofounder Moti Shkolnik—who also served as head of the Israeli Prime Minister’s Office cyber business unit—said: “We were pleased to find out that IoT device companies, across industries, are not willing to compromise the security of their products and are aware of the vulnerabilities that cannot be fully eliminated by static security by design processes. We were happy to witness the rapid progress of closing partnerships with tier 1 companies, about which we will be able to divulge soon. We strongly believe that real-time endpoint cybersecurity is the inevitable future of the IoT security landscape.”
With some projections putting the number of IoT devices at 64 billion by 2025, companies like Firedome will play an increasingly important role in keeping those devices secure.
“I don’t think that Microsoft, Amazon, or any of these big tech companies are going to go all-in and say we are going to build products that are going to be controversial, part of the kill chain, and designed specifically for DoD,” says the founder of Oculus VR and Anduril, Palmer Luckey. “Because if it reduces their consumer enterprise sales by one percent or increases controversy by one percent it’s likely not worth doing.”
Luckey added, “I don’t think that the United States leads in the technologies that are going to be relevant to the warfare of the future. I think that the US is falling behind in areas like autonomy and artificial intelligence.”
Palmer Luckey, the founder of Oculus VR and Anduril, discusses how Anduril can compete and win against behemoth defense contractors and big tech in an interview on CNBC:
Big Tech Won’t Build Products That Are Part of the Kill Chain
No, (I don’t think Microsoft is a rival to Anduril). Actually, I think that we’re going to be doing a lot of work with Microsoft on a lot of this stuff. You’re not going to have one company owning everything anyway. I’m glad that Microsoft and Amazon are vigorously competing for this Jedi contract. Contrast that with Google that dropped out because they said they couldn’t be sure the government was going to abide to their internal corporate ethics principles. I think that there’s a big difference though between what Amazon and Microsoft are doing with Jedi and what we’re doing. Microsoft has said that the military will always have access to their best technology and that’s true. But they also are selling to everyone. They’re building a product that’s for everyone.
Everything that we’re building is specifically for the Department of Defense. We’re not going out there and saying, let’s resell the thing where we make 90 percent of our money in the consumer or the enterprise space. We’re going to say what do they need and what is the absolute perfect thing? I don’t think that Microsoft, Amazon, or any of these big tech companies are going to go all-in and say we are going to build products that are going to be controversial, part of the kill chain, and designed specifically for DoD. Because if it reduces their consumer enterprise sales by one percent or increases controversy by one percent it’s likely not worth doing.
US Is Falling Behind In Autonomy and Artificial Intelligence
In China, you have lots of new companies doing defense work and lots of consumer technology companies doing really strong defense. China has a very strong pipeline from new tech to military deployment. I think the United States knows that they can learn a little bit from that and that they’re going to have to if they’re going to keep up with our adversaries who are honestly much better at that innovation pipeline than we are right now.
I think that we lead right now especially when it comes to conventional military force and when it comes to conventional military operations. I don’t think that the United States leads in the technologies that are going to be relevant to the warfare of the future. I think that the US is falling behind in areas like autonomy and artificial intelligence. I think that China has structural advantages over the United States because they’re willing to surveil their entire population and use it as a training system for their artificial intelligence models. I’m not saying that we should do that. I’m very much against that in fact. But we do have to realize that China has certain structural advantages.
In China, the government by law is able to take any technology they want from the private sector and use it for military purposes. In the United States, we’re lucky that our companies are even able to say I don’t want to work with the government. I don’t agree with Google’s decision to pull out of the Jedi contract, for example, but I am very supportive of their right to do so. Again, I’m not saying we need to be more like China on this. I think that would be terrible. But we do have to recognize that there are structural advantages in what they’re doing and so we have to not just do the same thing they’re doing. We have to try new things, better things, and alternate routes where they don’t really have such a strong advantage.
Lockheed, Raytheon Do Not Have The Best New Tech Talent
I think our (smaller) size actually works in our favor. If it was a big landscape of smaller highly competitive players I think we actually would have a harder time raising money. As it is investors look and they say, hey, the whole field is dominated by a handful of players that make all of the money. They’re old, they’re very slow-moving, they don’t have all the best talent. That type of market is the one where you can believe the most that somebody can come in and disrupt it.
We’re a defense technology company first. We’re not a consumer technology company dabbling in defense work. We from day one said what can we develop that really helps the US Department of Defense and that helps keep America and our allies safe. That’s why we’re building artificial intelligence powered hardware and software. I think that we have a few big competitive advantages. The first thing is that we have a really strong team that comes from areas where the experts in autonomy, computer vision, machine learning, networking, those types of things, actually are.
Lockheed, Raytheon, the traditional defense primes, they’re good at building aircraft carriers and good at building fighter interceptors but they do not have the world’s best talent when it comes to artificial intelligence, computer vision, and machine learning. That’s why our company is focusing on that. We think we can add a lot of value there that other people cannot necessarily add.
Big Tech Won’t Build Products That Are Part of the Kill Chain, Says Anduril Founder Palmer Luckey
Privacy has become the new tech battleground, with companies like Google and Facebook seeking to profit from user data, while Apple and Microsoft have consistently come in on the side of protecting user privacy. Now, Microsoft has taken it a step further, embracing the most comprehensive set of privacy laws in the United States.
The California Consumer Privacy Act (CCPA) goes into effect on Jan. 1, 2020. CCPA is designed to protect user privacy and give individuals more control over how their data is used by corporations. The law requires companies to be transparent about the data they collect, how it’s used and give people the ability to prevent companies from selling their personal information. Microsoft makes it clear in a recent blog post that they are strong supporters of this approach.
“We are strong supporters of California’s new law and the expansion of privacy protections in the United States that it represents. Our approach to privacy starts with the belief that privacy is a fundamental human right and includes our commitment to provide robust protection for every individual. This is why, in 2018, we were the first company to voluntarily extend the core data privacy rights included in the European Union’s General Data Protection Regulation (GDPR) to customers around the world, not just to those in the EU who are covered by the regulation. Similarly, we will extend CCPA’s core rights for people to control their data to all our customers in the U.S.
“We continue to put these principles into practice every day through ongoing investments in tools that give people greater control over their personal information. More than 25 million people around the world – including over 10 million people in the U.S. – have used our privacy dashboard to understand and control their personal data. By being transparent about the data we collect and how we use it, and by providing solutions that empower businesses to safeguard personal data and comply with privacy laws, we can demonstrate our commitment in the absence of Congressional action.”
Microsoft is also committed to helping other companies abide by CCPA.
“In addition, we are working closely with our enterprise customers to help them comply with CCPA. Our goal is to help our customers understand how California’s new law affects their operations and provide the tools and guidance they will need to meet its requirements.”
Hopefully, Microsoft’s example will encourage other companies to take a stronger stance on protecting consumer privacy.
“DataWallet is basically a digital wallet that holds all of your personal data,” says DataWallet CEO Serafin Lion Engel. “If Twitter was to give you a DataWallet you would see exactly all of the data that you create on Twitter. At the end of the day what DataWallet does is put you in control of your data. What it cannot do is protect you from anything that may happen illegally. So if Twitter really tried to cover up the fact that they were collecting their two-factor authentication data in order to advertise to you it wouldn’t show up but it would be all the more of a scandal.”
Serafin Lion Engel, founder and CEO of DataWallet, discusses his mission of putting consumers in control of their data in an interview on CNBC:
DataWallet Puts You In Charge of Your Data
DataWallet is basically a digital wallet that holds all of your personal data. If Twitter was to give you a DataWallet you would see exactly all of the data that you create on Twitter. You would see all of the data you created yourself that they have collected about you through third-party vendors. Then you can see all of the use cases that they use that data for and you can actually set permissions for how exactly your data can be used. You can download your data and you can delete data. It puts you in full control of the data that you have created on the Twitter platform.
At the end of the day what DataWallet does is put you in control of your data. What it cannot do is protect you from anything that may happen illegally. So if Twitter really tried to cover up the fact that they were collecting their two-factor authentication data in order to advertise to you it wouldn’t show up but it would be all the more of a scandal.
Data includes anything that you post, your IP address, your email address, what device you are on, etc. It’s all-encompassing. Twitter also buys a lot of data about you in order to enrich their targeting capabilities. They may buy data from Acxiom about, for instance, your financial situation, whether you have applied for credit or not all in order to more accurately show advertising to you.
Corporate Trust Is Rooted In How They Use Your Data
We work with a lot of companies in the advertising industry because a lot of companies do want to do things differently. In ad tech, they are pretty upset about the fact that a lot of companies are doing things that are unethical and they do want things to change. We work with companies in CPG, in consulting, and in a variety of different industries.
It definitely is a tough sell to companies that try to do things with your data that they would rather not have you know about. There are a lot of companies that in the past have been good data custodians and have not gotten any credit for that. They have not gone out on a limb in order to monetize their users’ data even though they could have. Up until about two years ago, it was not a hot topic, nobody was really paying attention and companies were making a lot of money selling their consumers’ data.
However, the companies who have been good data custodians and who have said we do not want to do anything that our consumers wouldn’t give us expressive consent to do with their data are jumping on board with what we’re doing right now. They’re the ones reaping the benefits because consumers will switch to companies that are putting them in charge of their data. Over 87 percent of customers say that the amount of business they do with a company depends on how much they trust it. That trust is rooted in how they’ve used their data.
New Regulations Don’t Cover Data Usage
The regulations in California and Nevada are very much focused on the sale of data, which is still a good thing. You can now issue an opt-out request for companies to not sell your data. However, it doesn’t cover usage. If, for instance, you wanted to direct the company to stop using your data for internal marketing purposes you wouldn’t be able to do that. Any data privacy regulation that is intended to put consumers in control of their data is a good thing. However, we also have to take into consideration that a lot of companies like Facebook and Amazon are really profiting from this because they are not a third party vendor. They have their own data and that really benefits them.
DataWallet Puts You In Charge of Your Data, Says DataWallet CEO Serafin Lion Engel.
Germany has completed its ‘security catalog,’ a set of rules telecommunications companies must comply with as they deploy 5G networks. Reuters is reporting that, despite pressure from the U.S., German officials have not excluded Huawei from participation.
The U.S. and Huawei have been at odds over allegations the equipment vendor has backdoors in its 5G equipment—backdoors that enable China to spy on other countries. Huawei has vehemently denied the allegations, but that hasn’t stopped the U.S. from taking action to implement bans, export controls and tech sharing restrictions. This has impacted all aspects of the company’s business, even resulting in it losing full access to Google’s Android. The U.S. has also put pressure on European allies to limit Huawei’s ability to do business in the EU.
In what some are seeing as a snub of U.S. interests, Germany declined to single out any vendor, including Huawei. This is likely due to warnings from German operators who have said banning Huawei could cost billions and add years to a successful 5G rollout.
“We are not taking a pre-emptive decision to ban any actor, or any company,” German government spokesman Steffen Seibert told a news conference in Berlin on Monday.
Few technologies are more controversial and divisive as facial recognition. Customers have come to rely on it to log into their phones and tablets, police and government agencies are increasingly using it to identify suspects and privacy advocates decry it as an unconstitutional invasion of people’s rights.
Amazon has established itself as a leader in the field of facial recognition with its Rekognition software. While the software is widely used by police, as well as government agencies such as Immigration and Customs Enforcement (ICE), it has not escaped controversy. The ACLU has twice used Rekognition on photos of politicians, each time with dozens of false matches. In both instances, however, Amazon responded by pointing out that the ACLU left the confidence setting at the default 80 percent threshold, instead of the 99 percent threshold Amazon recommends for law enforcement.
Nonetheless, Amazon can see the writing on the wall and knows it’s only a matter of time before facial recognition is regulated. Needless to say, it’s in Amazon’s best interests for those regulations to favor companies who profit off of the technology. To that end, Vox is reporting that Amazon is drafting laws to regulate facial recognition, which they plan on pitching to lawmakers.
According to Vox, CEO Jeff Bezos told reporters that the company’s “public policy team is actually working on facial recognition regulations; it makes a lot of sense to regulate that.
“It’s a perfect example of something that has really positive uses, so you don’t want to put the brakes on it. But, at the same time, there’s also potential for abuses of that kind of technology, so you do want regulations. It’s a classic dual-use kind of technology.”
While skeptics are understandably concerned that Amazon’s foray into legislation may do little to nothing to protect the rights of everyday citizens, only time will tell if Amazon’s efforts are sincere or just another step toward a more Orwellian outcome.
Google received a welcome victory in the European Union’s highest court in relation to the EU’s “right to be forgotten” rules.
For the past five years, EU citizens have enjoyed the right to have search engines remove embarrassing or outdated information from their indexes. At the heart of the case was whether the right to be forgotten extended beyond EU borders.
The CNIL, a French privacy regulatory body, had ordered Google to expand the right to be forgotten globally. Google resisted, citing concerns that authoritarian regimes in other parts of the world would abuse the feature to cover up crimes and human rights violations. The CNIL eventually tried to levy a $109,901 fine.
Ultimately, however, the EU ruled that the right to protect personal data was not an absolute right, and that there was no obligation for Google—or any other search engine—to delist search results outside of the EU.
While Google praised the decision, it is not without complications. Google has relied on geoblocking to ensure EU citizens do not see delisted search results. Geoblocking does not, however, mean that the search results are not there—it simply means they are not accessible to someone within the EU. A person based in the U.S., or anywhere else outside of Europe, would still be able to find the very things someone in Europe may have filed to have delisted and will never see themselves.
Despite the complications, the ruling was welcomed within the tech community. The case was being watched closely to see how much authority the EU had to impose regulations on a U.S. company. Had Google lost, the long-term implications for Google and every other tech firm would have been profound—and gone far beyond mere search results.
The Five Eyes gained worldwide attention and notoriety in the wake of the Snowden revelations. The Five Eyes is an intelligence alliance comprised of the United States, United Kingdom, Canada, Australia and New Zealand. The agencies of the five countries share intelligence and cooperate in the global War on Terror.
Now, according to a joint statement posted on the U.S. State Department website, the Five Eyes have joined forces to help advance “responsible state behavior in cyberspace.” The Five Eyes are joined by 22 other countries in the joint statement.
It’s widely believed this new effort targets threats from China, including state-sponsored cyber espionage, online disinformation campaigns and intellectual property theft. Although China is not specifically named, much of the language used in the joint statement references behaviors and actions that China has long been accused of.
The statement wraps up with the promise that “as responsible states that uphold the international rules-based order, we recognize our role in safeguarding the benefits of a free, open, and secure cyberspace for future generations. When necessary, we will work together on a voluntary basis to hold states accountable when they act contrary to this framework, including by taking measures that are transparent and consistent with international law. There must be consequences for bad behavior in cyberspace.”
Akamai Technologies, one of the world’s premier content delivery networks (CDN), just announced its acquisition of KryptCo.
KryptCo is the creator of a mobile, multi-factor authentication mechanism that, unlike many competing solutions, doesn’t require a pin number for authorization. As a result, KryptCo’s technology is resistant to phishing attempts.
Akamai has a long-standing reputation as one of the leading CDN companies, with their services in use by some of the biggest companies around the globe. Their network represents one of the largest distributed computing platforms and serves as much as 30 percent of all internet traffic. Integrating KryptCo’s technology will assist Akamai in delivering Zero Trust security to their customers.
Zero Trust Security and Why It Matters
In traditional computer security, the emphasis is on protecting the perimeter—keeping bad actors out. In many cases, if a hacker is able to breach the perimeter, there is little to nothing else standing in their way.
Zero Trust security operates on the principle “never trust, always verify.” A Zero Trust model implements security in all aspects of an organization’s network, constantly looking for malicious activities, as well as areas for improvement.
KryptCo’s technology represents a significant security upgrade for Akamai’s customers, and opens the door for improved single sign-on cloud options.
Moving Forward
While the financial aspects of the deal are under wraps as of writing, KryptCo CEO Alex Grinman has joined Akamai and will assist with the merger, specifically with Akamai’s Zero Trust rollout.
Customers and investors are likely to benefit from the merger, as it helps Akamai continue to adapt to the changing needs of the market.
“Fundamentally, we have a bigger plan for security,” says VMware COO Sanjay Poonen. “We felt it was the perfect time for us to come up with a disruptive play that was based on big data, was AI, and was cloud-based. There were only two companies doing it, CrowdStrike and Carbon Black. We felt Carbon Black was better integrated to us, had as good a product or better. We have a plan to integrate Carbon Black and make it intrinsic in a way that nobody else will do. We think this will transform the security industry that’s been broken today.”
Sanjay Poonen, COO of VMware, elaborates on how they plan to transform security and lead the containers movement currently going on in digital transformation. Poonen was interviewed by Jim Cramer on CNBC:
Containers Are A Movement Going On In Digital Transformation
When you look at these types of transformational moments going on in digital transformation, these happen once every 10 to 20 years. VMware is the company that invented the virtual machine and for the last 20 years, we’ve created a million jobs in that part of infrastructure. There is a movement going on in digital transformation right now called containers. We believe it’s our birthright to own that movement. There will be potentially tens of millions of jobs among developers created on top of this virtual machine.
Think of the virtual machine sort of like the ship and containers like the things on top of it. In the 1950s containers completely transformed ships and VMware created the ship. These containers are going to allow apps to be fundamentally transformed. We found as we thought about this that this was the right time to do it and it was our birthright to do it better than anybody else. Why not take those three thousand people in Pivotal and $750 million in revenue and turbocharge the next ten years of VMware, not just in virtual machines and virtualization in the path to the cloud, which is the first C, but the other C is containers. We think that’s a big part.
We’re A Go-To-Market Machine
Pivotal (is more valuable than the market initially believed) for two reasons. They’ve refactored their product which now sits completely on Kubernetes. If you don’t know what it is, it’s a sort of the big open-source container movement. And their go-to-market engine probably stuttered a little bit. But that’s what VMware does well. We’re a go-to-market machine. We’ll bring them in and accelerate this to our 500,000 customers. We feel good when we get a good product in the hands of our good go-to-market machine. I think we can accelerate it.
At VMware, no one person does it, it takes a village but also our partners like Dell and the ecosystem also. VMware has 75,000 partners who love us. We’re going to take this to those ecosystem partners. We have a big tent of system integrators and they’re excited about this. We branded the entire thing, that’s the other thing we’ve done pretty well. Tenzo, which is the Japanese word for containers, we’re doing big ads in New York, San Francisco, and London Airports. This is a play on the word VMware that says ContainerWare. We’re not changing the name of the company but we’re going big in containers and that’s the key message.
We Have a Bigger Plan For Security
Fundamentally, we have a bigger plan for security. Let me just walk you through a quick understanding of the strategy. There are a lot of parallels with security and healthcare. My mom’s a doctor. Imagine you went to a doctor and you asked her how do you get well and she said you have to eat 5,000 tablets. Eating one every 30 seconds would take you a couple of weeks to do. That’s what the security industry is today. It’s 5,000 vendors, broken, with lots of different agents bloated on people’s laptops, lots of alerts showing up, and manual labor.
We look at this and say there’s a fundamentally new way to do it, which is to make security intrinsic to your diet. You eat your vegetables, your fruit, you drink your water, brush your teeth, and that’s what we’re doing with security. We are making it part of our platform.
A Disruptive Play Based On Big Data, AI, and Cloud-Based
We’ve been doing very well in network security around the NSX product but endpoint security and workload security we didn’t have much there. We had Workspace ONE, our AirWatch related product, and we found that many of these endpoint security players were kind of in a little internal turmoil. Symantec got bought by Broadcom. McAfee got bought by Intel and then was spun out again. We felt it was the perfect time for us to come up with a disruptive play that was based on big data, was AI, and was cloud-based.
There were only two companies doing it, CrowdStrike and Carbon Black. We felt Carbon Black was better integrated to us, had as good a product or better, and we intend to acquire them. The acquisition hasn’t yet closed. We have a plan to integrate this and make it intrinsic in a way that nobody else will do. We laid that out at VMworld. We think this will transform the security industry that’s been broken today.
VMware COO Sanjay Poonen: We Have a Bigger Plan For Security
“Typically, you separate great brands to create enterprise value,” says Scott Galloway, a Professor of Marketing at NYU Stern School of Business. “Mark Zuckerberg is trying to encrypt the backbone between WhatsApp, Instagram, and the core platform Facebook, such that he has one communications network across 2.7 billion people or the population of the southern hemisphere plus India. What could go wrong? I actually, and I’ve said this before, I think Mark Zuckerberg is the most dangerous person in the world.”
Scott Galloway, a well-known and popular Professor of Marketing at NYU Stern School of Business, discusses Facebook’s possible implementation of a single communions platform for all of its apps utilized by 2.7 billion people. Galloway was interviewed on Bloomberg Technology.
Connecting Whatsapp, Instagram, and Facebook – What Could Go Wrong?
What we have here is the mother of all conjoining of triplets (referring Facebook’s plan to use the same messaging backend on all of its platforms). That is, typically, you separate great brands to create enterprise value. Mark Zuckerberg is trying to encrypt the backbone between WhatsApp, Instagram, and the core platform Facebook, such that he has one communications network across 2.7 billion people or the population of the southern hemisphere plus India. What could go wrong?
I actually, and I’ve said this before, I think Mark Zuckerberg is the most dangerous person in the world. If you look at key moments in our history where we moved to tyranny, one of the key steps is someone consolidates the media. The notion that we’re going to have one individual deciding the algorithms for an encrypted backbone of 2.7 billion people is frightening, regardless of that person’s intentions or not. They’re even talking about putting the Facebook brand on each of these.
Is This a Prophylactic Move Against Antitrust Action?
I think what Mark Zuckerberg is doing is taking prophylactic moves against any sort of antitrust such that he could say, “It’d be impossible to unwind us now.” This is absolutely bad for the planet and bad for society. It’s clear where they’re going, an encrypted backbone, conjoin the triplets, and claim that if you do anything you’re going to kill all of us.
Typically antitrust plays out over the course of years or even decades. The idea to try and conjoin the companies as quickly as possible, such that they can make a nationalist argument, and they’re making it now. They are arguing that the Chinese are coming for us with their AI weaponized companies and you need a big company (to combat them). In fact, we’re the only ones that can do a stable currency coin.
They’re going to try and make the same argument around encrypting the backbone. The fact is the FTC and the DOJ, as they’ve shown at least stomach some for, should go on background and say, “This is not going to prevent us from splitting you up, so be careful.” There has never been a greater failure in FTC or DOJ history them approving the acquisition of Instagram. I think we all probably regret that now.
Zuckerberg Connecting Whatsapp, Instagram, and Facebook. What Could Go Wrong? – Scott Galloway
“Customers continue to affirm the need to accelerate the digital transformation and take advantage of the explosion of data we see around us,” says HPE CEO Antonio Neri. “This ultimately is the core aspect of how they derive an improved business outcome. We have a very complete portfolio from the edge to the cloud. Digital transformation starts with secure connectivity. We have a phenomenal platform called Aruba that provides a mobile-first cloud-first approach.”
Antonio Neri, President and CEO of Hewlett Packard Enterprise, discusses on CNBC the companies latest earnings driven by customers continuing to accelerate their digital transformation:
Customers Accelerating Their Digital Transformation
Customers continue to affirm the need to accelerate the digital transformation and take advantage of the explosion of data we see around us. This ultimately is the core aspect of how they derive (an improved) business outcome. Obviously, the uncertainty (do to the China trade war) can create a little bit of a pause. It takes a little bit longer for them to make decisions, particularly with larger deals. That’s what we saw (this quarter), elongated sell cycles.
We executed with incredible discipline both on the cost side and on the pricing side. We actually have done a remarkable job in the last seven quarters to continue to make our cost structure more competitive and to streamline everything across the company. When I became the CEO I established three key priorities for ourselves. One of them, at the core, was to start with our HP Next next program which was to rearchitect the company from the ground up. That included a cost-benefit but at the same time, a portfolio shift. We are seeing the benefit of the portfolio shift today in our margin profile. That gives us the ability to expand margins significantly. I believe we will deliver record levels of year-to-date free cash flow which gives us the confidence to raise the guidance again for seven consecutive quarters.
Digital Transformation Starts With Secure Connectivity
It (the Huawei issue) is an opportunity for us. We have a very complete portfolio from the edge to the cloud. Digital transformation starts with secure connectivity. We have a phenomenal platform called Aruba that provides a mobile-first cloud-first approach. At the same time, we are here to serve our customers in the countries where they participate. We have a very diverse global supply chain that allows us to navigate through these challenges. I take this as an opportunity for us to serve our customers better and continue to provide the value they’re looking for. Obviously, we need to navigate through this uncertainty, whether it is Huawei or others. At the end, we are really focused on our business and our customers.
As our CFO Tarek Robbiati said we are focusing this year on stabilizing our business. We continue to shift our portfolio to higher value, higher margin and deliver everything we can as a service to our customers. You see the results of that in a portfolio mix in key strategic growth areas like high performance compute, which is the backbone for how analytics and AI will be run going forward. We are extremely excited about the completion almost of the acquisition of Craig which will be completed by the end of Q4. At the same time, in the core business, we have to continue to deliver what I call world load optimized hybrid cloud solutions delivered as a service. We are on that journey. We have made tremendous progress. We have a truly differentiated offer called HPE GreenLake, which is to deliver everything as a service.
Customers Accelerating Their Digital Transformation, Says HPE CEO Antonio Neri
“We’re working together with Microsoft to build next-generation supercomputers,” says OpenAI co-founder Greg Brockman. “The real goal of OpenAI and what we’re trying to accomplish is to build what we call artificial general intelligence. They’re trying to build a computer system that is as capable as a human at being able to master a domain of study and being able to master more fields of study than any one human can. We think whoever builds artificial general intelligence will be the number one most valuable company in the world by a huge margin.”
OpenAI Working With Microsoft To Build AI That Will Change The World
We’re working together with Microsoft to build next-generation supercomputers. The real goal of OpenAI and what we’re trying to accomplish is to build what we call artificial general intelligence. They’re trying to build a computer system that is as capable as a human at being able to master a domain of study and being able to master more fields of study than any one human can. If we succeed the kind of thing that we want to be able to do is, for example, build a computer system that can solve medicine better than humans can. If you think about how humans solve medicine today we do it by increased specialization.
I have a friend who’s going through medical procedures right now where he talks to a first doctor who does an ultrasound but can’t read it so he has to go to a different doctor who doesn’t really have context as to what’s going on. This is not a problem that we can solve by increasing the amount of knowledge that humans have to learn. There’s only so much we can fit in our minds. What we really need are tools that are capable of helping us solve these problems. That’s the kind of thing that we want to apply general intelligence to.
Our goal is to distribute the economic benefits of artificial general intelligence. You can imagine a general intelligence system that can generate huge amounts of value. If you look at the top ten most valuable companies in the world, seven of them are technology companies. We think whoever builds artificial general intelligence will be the number one by a huge margin. It’s really important that those benefits go to everyone rather than being locked up in one place.
Building Powerful Safe and Secure AI Technology
There’s a second part which is it’s really important that you keep these systems safe and secure and that you build them with ethics in the forefront. That’s something that both we and Microsoft are very aligned on doing from the beginning. What it really boils down to is that AI technology is becoming very powerful. That means that there’s both these amazing benefits and these amazing applications. Imagine a personalized tutor that can really understand you that is available for free to every person on the planet. That’s the kind of thing we should be able to build with the kind of systems that we want to create.
You also have to ask the questions of what are the risks. How can they be misused? Today, we already see AI technology, for example, deepfakes, that already has bad implications in the world. How do we maximize those benefits and mitigate the downsides? That’s our goal. Our goal is to push the technology forward and make sure that we’re capturing those benefits while making sure everyone benefits from them. But we also want to make sure that we keep it safe and secure to mitigate the downsides.
AI Computational Power Growing 5 Times Faster Than Moore’s Law
The timelines (of where AI will take us) are always really hard to predict. One story I really like thinking about is just looking, for example, at previous technological innovations. In 1878, Thomas Edison announced that he was going to create the incandescent lamp and gas securities in England fell. So British Parliament put together a commission of distinguished experts who came out to Menlo Park. They checked everything out. They said this isn’t going to work and one year later he shipped. I think that we’re in a similar sort of place here where it’s hard to predict what the future will be like.
We’re in this exponential right now where the computational power that we’re using is growing five times faster than Moore’s Law. What we do know is every year we’re going to have unprecedented AI technologies. We’ve been doing that for seven years and OpenAI has been doing it for three. This year we have systems that can understand and generate text. I think five years from now we should expect that we will have systems that you can really have meaningful conversations with. I think that we should see within a bunch of different domains, a lot of systems that can work with humans to augment what they can do much further than anything we can imagine today.
OpenAI Working With Microsoft To Build AI That Will Change The World – OpenAI co-founder Greg Brockman
“Bitcoin as its implemented and implementation of blockchain and distributed ledger I assert is bad,” says VMware CEO Pat Gelsinger. “Its purpose is almost all illicit and it’s an environmental crisis. This is a terrible implementation of blockchain. I’m not saying that blockchain is bad. I think it is revolutionizing. This is breakthrough innovative technology and how you do distributed secured trust. That’s powerful. We are huge believers strongly committed to blockchain and distributed leverage technology.”
Pat Gelsinger, CEO of VMware, says that Bitcoin is bad, but blockchain, when done right, is revolutionizing in an interview with theCUBE at VMworld 2019 in San Francisco.
Bitcoin is Bad, Blockchain Is Revolutionizing
The idea of distributed ledger technology, immutable distributed trust, I’ve said I think of that, and blockchain is the underlying technology, as almost like public-private key encryption. If we go back 40 years before RSA it’s that important. This is breakthrough innovative technology and how you do distributed secured trust. That’s powerful. We are huge believers strongly committed to blockchain and distributed leverage technology. Why do I make my comments like I do on Bitcoin? Bitcoin as its implemented and implementation of blockchain and distributed ledger I assert is bad. It’s bad for two reasons.
One is it’s an environmental crisis. A single ledger if you and I transacted a penny I would consume enough energy to power your house for half a day. It’s incredible. This is a terrible implementation of blockchain. Secondly, the way it’s also done as well in this totally unregulated environment, almost all of its uses are for illicit and criminal purposes. That’s who’s trading in Bitcoin. So its purpose is almost all illicit and it’s an environmental crisis. I say bad. I’m not saying that blockchain is bad. I think it is revolutionizing. Studies have shown that over 95 percent of the uses of Bitcoin is criminal. Let’s go make it good. Do good engineering and engineer for good.
Partnership With Australian Stock Exchange and Digital Asset
We just announced on Sunday a partnership with the Australian Stock Exchange and Digital Asset. They’re leveraging the VMWare distributed ledger technology as part of their go-forward strategy for the stock exchange in Australia. That’s good. We’re making it suitable for enterprises meeting the regulatory requirements and we’re order plus magnitude better in terms of performance and energy consumption and we’re just getting started.
Bitcoin is Bad, Blockchain Is Revolutionizing, Says VMware CEO Pat Gelsinger
“5G brings a couple of things,” says Avast CEO Ondrej Vlcek. “One is the density of the network which is enabling things like IoT, the Internet of Things. That’s an exciting thing but also poses some new security risks. Second is speed of connectivity which we all want and which we all sort of are hoping to get better. But in terms of timing, it kind of differs geo by geo. East Asia is always ahead in that regard. In Europe, we can realistically expect something within two or three years.”
Ondrej Vlcek, CEO of Avast, discusses new security risks with 5G and how privacy is becoming a big part of their business in a conversation on Bloomberg:
5G Poses Some New Security Risks
There were really two drivers (to our earnings results this quarter). The first one was our consumer direct segment, desktop direct, which grew 12.5 percent. The second was consumer indirect, which is actually powered by both the Jumpshot business that we have as well as the Secure Browser. These were kind of the two main things.
5G brings a couple of things. One is the density of the network which is enabling things like IoT, the Internet of Things. That’s an exciting thing but also poses some new security risks. Second is speed of connectivity which we all want and which we all sort of are hoping to get better. But in terms of timing, it kind of differs geo by geo. East Asia is always ahead in that regard. In Europe, we can realistically expect something within two or three years.
Privacy Is The Other Side Of The Security Coin
I think privacy is a new category. We see it as the other side of the security coin. We are heavily investing in creating privacy-oriented solutions. So actually our portfolio today is not just security, antivirus protection is now actually less than half of our business. Now the second half is made of tools like privacy controls because we see a big opportunity. At the same time, the need is real. Consumers are more and more realizing there are privacy risks in what they are doing online and there is something that needs to be done about that.
I got sort of inspired by the captains from the Silicon Valley such as Google and Facebook. So I gave up my salary and my bonus and I’m only getting compensated by stock which I think is the right thing for the CEO to do. Clearly, my objective is to keep the company growing. We’ve got a great runway and I’m very optimistic, being new in the role and seeing the opportunities. This is a good position to be in.
5G Poses New Security Risks, Says Avast CEO Ondrej Vlcek
“Hopefully, we as a nation can have a clear-eyed focus on what really matters,” says Andy Purdy, the Chief Security Officer of Huawei Technologies USA. “As a senior Qualcomm executive said the other day, you can talk about Huawei but we’ve got to make sure our communication networks are safe. The bad guys can implant malicious functionality in hardware and software from anywhere in the world. The US has to recognize that Senator Blackburn said something that was very important. Potential national security threats to communications are very real.”
Andy Purdy, Chief Security Officer of Huawei Technologies USA, discusses security concerns that the US has with Huawei and they really should be focused on communication security threats that can come from anywhere. Purdy was interviewed on CNBC:
Bad Guys Can Implant Malicious Functionality From Anywhere
Senator Marsha Blackburn is appropriately focusing on the national security implications of our communication networks. Hopefully, we as a nation can have a clear-eyed focus on what really matters. As a senior Qualcomm executive said the other day, you can talk about Huawei but we’ve got to make sure our communication networks are safe. The bad guys can implant malicious functionality in hardware and software from anywhere in the world. As Mr. Sorkin said yesterday, the Senators comments were the first person who’s ever said what she said. In fact, when you hear about the classified briefing that our customers were given, the classified briefings that the United Kingdom and Germany were given, the US government gave no allegations that Huawei has committed any such conduct that the Senator talked about.
I certainly think when that when the Prime Minister of the UK and the Chancellor of Germany came out and said that they’d been briefed by the US and there were no allegations of significant cybersecurity wrongdoing against Huawei (and that this supports that there is no evidence of wrongdoing by Huawei). They said that they intended to use risk mitigation. This is the same kind of risk mitigation that the US government has that allows Ericsson and Nokia to do business in the United States despite their deep ties to China.
Potential National Security Threats To Communications Are Very Real
Absolutely, (Huawei does not implant or embed anything and its networks that would pose a national security risk to the United States). More importantly, the US has to recognize that Senator Blackburn said something that was very important. Potential national security threats to communications are very real. What she talked about was a report in a Bloomberg story not involving Huawei some months back that the bad guys can implant a small amount of code. That’s why we have to make sure that we have tested the products of all vendors to international standards so that there’s trust through verification. But right now tens of thousands of American jobs are at risk now that Huawei is in the crosshairs of these trade talks.
There are companies in China that are government-owned. There are publicly traded companies in China that are majority government-owned. There are companies that are private. Huawei’s the largest privately owned company in China. We have about 80 or 90 thousand shareholders in China who vote to elect the governing board. Clearly, our founder Mr. Ren, who has less than two percent, he controls the company just as some of the founders and owners of other companies control with a minority interest. But we are completely privately owned. Again, we’ve got a look at the national security and the economic impact. Tens of thousands of jobs of those who supply Huawei, $11 million last year, and 40 to 50 thousand US jobs could go away if those companies can’t sell to Huawei. There’s no national security threat there.
Our outside legal experts have said and that the Chinese government has confirmed that there is no such law that has that effect (of allowing Chinese government spying). The fact is the US government does not believe the law has any relevance whatsoever. The US government believes that China is not a rule of law nation so that the government will do whatever they want. That’s why there need to be programs like the risk mitigation programs overseen by the US government that allow Ericsson and Nokia to do business in the United States without limitation. We’re not talking about without limitation for Huawei. We’re talking about trying to continue to support our 40 rural tier-3 wireless and wireline customers serving rural America and the thousands of jobs there that are at risk.
Nation-States Can Virtually Implant Hidden Functionality
Absolutely, (the supply chain) should be a worry. That’s why when you look at the operations of Nokia, for example, in China, with the joint venture with Shanghai Bell, which is owned by the China government, the deep research and development manufacturing and assembly that takes place by Nokia, despite that they’re allowed to do business in the United States without limitation. This is because it’s a government monitored collection of agencies that monitor and test the products. At this point, the US government won’t even talk with us about those kinds of risk mitigation mechanisms that had been proven to be satisfactory to the US government despite those deep ties with China.
What I’m saying is there are proven risk mitigation mechanisms, hardcore mechanisms, that are done. We do it in the UK, we do it in in Germany. In Brussels, we have a center where government and companies can come in and evaluate our products. Nokia and Ericsson products are evaluated very closely in the US. We’re just suggesting that our products and all other products need to be tested because there are five or six nation-states that can virtually implant hidden functionality in products. We as a nation can’t just be worried about Huawei, we’ve got to be worried about all the equipment. We believe those mechanisms are in place and we just want to talk with the government. We’d like to be able to show them that we can do that.
Bad Guys Can Implan Malicious Functionality From Anywhere, Says Huawei Security Chief Andy Purdy
“In general, Libra is a force for good,” says PayPal Co-Founder and Affirm CEO Max Levchin. “It’s a really interesting experiment. I’m glad they’re doing it in a way that isn’t just Facebook because of all the headwind that Facebook has experienced with the regulators. There are many questions to ask about the practical applications. For example, if you are buying into Libra, does that create more opportunities to do as we call it, money fraud, or not?”
Max Levchin, PayPal co-founder and Affirm CEO, discusses Facebook’s Libracryptocurrency and how that is a good example of the use of blockchain technology in an interview on Bloomberg Technology:
Blockchain Technology Is Inevitable
I agree with David Marcus (the Co-creator of Libra and Head of Calibra) from his testimony where he very aptly pointed out that blockchain technology is inevitable. It’s been a hammer looking for nails for quite some time. We’re now starting to see real applications to the blockchain tech. I’m not speaking of Bitcoin or any one particular currency, just the idea of a public ledger is a very powerful idea. It will get put to good use. I think Libra is a good example of good use.
The most obvious application where Libre as a concept is being brought down to an individual level is cross-border payments. You could make some very very cheap remittances happen. If you look at costs being charged by companies to send money back home from wherever you are, you will see they’re making some enormous spreads. There are plenty of startups trying to attack that, like TransferWise where I’m an investor, for example. They’ve done a wonderful job in Europe. I think Libra could potentially just massively compress fees in that market and that’ll be very good.
Libra Is a Force For Good
In general, Libra is a force for good. It’s a really interesting experiment. I’m glad they’re doing it in a way that isn’t just Facebook because of all the headwind that Facebook has experienced with the regulators. But there are many many other questions to ask about the practical applications. For example, if you are buying into Libra, does that create more opportunities to do as we call it, money fraud, or not? It’s going to be a set of open problems for quite some time.
It’s the job of the US regulators to not trust large companies or any companies. I think their job is to audit, to regulate, and to provide equal treatment under the rule of law for everyone. Libra is a particularly interesting one because it’s not just a company, it’s Facebook’s sort of initiating this thing, and there’s this giant group of other companies coming together to govern it. So it perhaps is more complicated to regulate.
But I think, yes, government should take an extremely active stance in regulating this thing that Libre is and will be. Within that, they should not rely on this notion that Facebook is going to be a good company. They may be and I’m sure they will be, but they’re also going to act in their best interest. That is the assumption of a smart regulator. Companies will do the thing they need to do and our job is to protect consumers and make sure of equal competition.
Breaking Up Facebook Is a Terrible Idea
The real question that lawmakers are asking about Facebook, is it too big? That’s the underlying dynamic that they’re trying to explore. That question is a much harder question to answer. It is very very big. It is bigger than most nations. So in that sense, I think they’re right. It is hard to say Facebook is too big if you step back and ask who do they compete with. If you actually compare them to, for example, Chinese companies that they go up against in a world of ad spend, companies like Tencent are just are gargantuan. And Tencent is not at risk of being broken up by the Chinese government from last I checked. If you want a Facebook to compete to with companies like Tencent successfully I think breaking them up seems like a counterintuitive thing to do.
I think Facebook and all US company should absolutely be regulated. There’s a huge difference between being regulated and abiding by the set of laws and regulations and antitrust and all the stuff that the US government’s amassed over the last couple hundred years of how to behave in a sane way in a capitalist society with the rule of law. But breaking Facebook up does, in fact, hurt its ability to compete, internationally most importantly. I think breaking it up is a terrible idea, regulating it is exactly what the US government should be doing, and they should do a better job by the way.
Facebook’s Libra Is a Force For Good, Says PayPal Co-Founder Max Levchin
