Australia
Auto Added by WPeMatico
Auto Added by WPeMatico
When Troy Hunt launched Have I Been Pwned in late 2013, he wanted it to answer a simple question: Have you fallen victim to a data breach?
Seven years later, the data-breach notification service processes thousands of requests each day from users who check to see if their data was compromised — or pwned with a hard ‘p’ — by the hundreds of data breaches in its database, including some of the largest breaches in history. As it’s grown, now sitting just below the 10 billion breached-records mark, the answer to Hunt’s original question is more clear.
“Empirically, it’s very likely,” Hunt told me from his home on Australia’s Gold Coast. “For those of us that have been on the internet for a while it’s almost a certainty.”
What started out as Hunt’s pet project to learn the basics of Microsoft’s cloud, Have I Been Pwned quickly exploded in popularity, driven in part by its simplicity to use, but largely by individuals’ curiosity.
As the service grew, Have I Been Pwned took on a more proactive security role by allowing browsers and password managers to bake in a backchannel to Have I Been Pwned to warn against using previously breached passwords in its database. It was a move that also served as a critical revenue stream to keep down the site’s running costs.
But Have I Been Pwned’s success should be attributed almost entirely to Hunt, both as its founder and its only employee, a one-man band running an unconventional startup, which, despite its size and limited resources, turns a profit.
As the workload needed to support Have I Been Pwned ballooned, Hunt said the strain of running the service without outside help began to take its toll. There was an escape plan: Hunt put the site up for sale. But, after a tumultuous year, he is back where he started.
Ahead of its next big 10-billion milestone mark, Have I Been Pwned shows no signs of slowing down.
Even long before Have I Been Pwned, Hunt was no stranger to data breaches.
By 2011, he had cultivated a reputation for collecting and dissecting small — for the time — data breaches and blogging about his findings. His detailed and methodical analyses showed time and again that internet users were using the same passwords from one site to another. So when one site was breached, hackers already had the same password to a user’s other online accounts.
Then came the Adobe breach, the “mother of all breaches” as Hunt described it at the time: Over 150 million user accounts had been stolen and were floating around the web.
Hunt obtained a copy of the data and, with a handful of other breaches he had already collected, loaded them into a database searchable by a person’s email address, which Hunt saw as the most common denominator across all the sets of breached data.
And Have I Been Pwned was born.
It didn’t take long for its database to swell. Breached data from Sony, Snapchat and Yahoo soon followed, racking up millions more records in its database. Have I Been Pwned soon became the go-to site to check if you had been breached. Morning news shows would blast out its web address, resulting in a huge spike in users — enough at times to briefly knock the site offline. Hunt has since added some of the biggest breaches in the internet’s history: MySpace, Zynga, Adult Friend Finder, and several huge spam lists.
As Have I Been Pwned grew in size and recognition, Hunt remained its sole proprietor, responsible for everything from organizing and loading the data into the database to deciding how the site should operate, including its ethics.
Hunt takes a “what do I think makes sense” approach to handling other people’s breached personal data. With nothing to compare Have I Been Pwned to, Hunt had to write the rules for how he handles and processes so much breach data, much of it highly sensitive. He does not claim to have all of the answers, but relies on transparency to explain his rationale, detailing his decisions in lengthy blog posts.
His decision to only let users search for their email address makes logical sense, driven by the site’s only mission, at the time, to tell a user if they had been breached. But it was also a decision centered around user privacy that helped to future-proof the service against some of the most sensitive and damaging data he would go on to receive.
In 2015, Hunt obtained the Ashley Madison breach. Millions of people had accounts on the site, which encourages users to have an affair. The breach made headlines, first for the breach, and again when several users died by suicide in its wake.
The hack of Ashley Madison was one of the most sensitive entered into Have I Been Pwned, and ultimately changed how Hunt approached data breaches that involved people’s sexual preferences and other personal data. (AP Photo/Lee Jin-man, File)
Hunt diverged from his usual approach, acutely aware of its sensitivities. The breach was undeniably different. He recounted a story of one person who told him how their local church posted a list of the names of everyone in the town who was in the data breach.
“It’s clearly casting a moral judgment,” he said, referring to the breach. “I don’t want Have I Been Pwned to enable that.”
Unlike earlier, less sensitive breaches, Hunt decided that he would not allow anyone to search for the data. Instead, he purpose-built a new feature allowing users who had verified their email addresses to see if they were in more sensitive breaches.
“The purposes for people being in that data breach were so much more nuanced than what anyone ever thought,” Hunt said. One user told him he was in there after a painful break-up and had since remarried but was labeled later as an adulterer. Another said she created an account to catch her husband, suspected of cheating, in the act.
“There is a point at which being publicly searchable poses an unreasonable risk to people, and I make a judgment call on that,” he explained.
The Ashely Madison breach reinforced his view on keeping as little data as possible. Hunt frequently fields emails from data breach victims asking for their data, but he declines every time.
“It really would not have served my purpose to load all of the personal data into Have I Been Pwned and let people look up their phone numbers, their sexualities, or whatever was exposed in various data breaches,” said Hunt.
“If Have I Been Pwned gets pwned, it’s just email addresses,” he said. “I don’t want that to happen, but it’s a very different situation if, say, there were passwords.”
But those remaining passwords haven’t gone to waste. Hunt also lets users search more than half a billion standalone passwords, allowing users to search to see if any of their passwords have also landed in Have I Been Pwned.
Anyone — even tech companies — can access that trove of Pwned Passwords, he calls it. Browser makers and password managers, like Mozilla and 1Password, have baked-in access to Pwned Passwords to help prevent users from using a previously breached and vulnerable password. Western governments, including the U.K. and Australia, also rely on Have I Been Pwned to monitor for breached government credentials, which Hunt also offers for free.
“It’s enormously validating,” he said. “Governments, for the most part, are trying to do things to keep countries and individuals safe — working under extreme duress and they don’t get paid much,” he said.
“There have been similar services that have popped up. They’ve been for-profit — and they’ve been indicted.”
Troy Hunt
Hunt recognizes that Have I Been Pwned, as much as openness and transparency is core to its operation, lives in an online purgatory under which any other circumstances — especially in a commercial enterprise — he would be drowning in regulatory hurdles and red tape. And while the companies whose data Hunt loads into his database would probably prefer otherwise, Hunt told me he has never received a legal threat for running the service.
“I’d like to think that Have I Been Pwned is at the far-legitimate side of things,” he said.
Others who have tried to replicate the success of Have I Been Pwned haven’t been as lucky.
“There have been similar services that have popped up,” said Hunt. “They’ve been for-profit — and they’ve been indicted,” he said.
LeakedSource was, for a time, one of the largest sellers of breach data on the web. I know, because my reporting broke some of their biggest gets: music streaming service Last.fm, adult dating site AdultFriendFinder, and Russian internet giant Rambler.ru to name a few. But what caught the attention of federal authorities was that LeakedSource, whose operator later pleaded guilty to charges related to trafficking identity theft information, indiscriminately sold access to anyone else’s breach data.
“There is a very legitimate case to be made for a service to give people access to their data at a price.”
Hunt said he would “sleep perfectly fine” charging users a fee to access their data. “I just wouldn’t want to be accountable for it if it goes wrong,” he said.
Five years into Have I Been Pwned, Hunt could feel the burnout coming.
“I could see a point where I would be if I didn’t change something,” he told me. “It really felt like for the sustainability of the project, something had to change.”
He said he went from spending a fraction of his time on the project to well over half. Aside from juggling the day-to-day — collecting, organizing, deduplicating and uploading vast troves of breached data — Hunt was responsible for the entirety of the site’s back office upkeep — its billing and taxes — on top of his own.
The plan to sell Have I Been Pwned was codenamed Project Svalbard, named after the Norweigian seed vault that Hunt likened Have I Been Pwned to, a massive stockpile of “something valuable for the betterment of humanity,” he wrote announcing the sale in June 2019. It would be no easy task.
Hunt said the sale was to secure the future of the service. It was also a decision that would have to secure his own. “They’re not buying Have I Been Pwned, they’re buying me,” said Hunt. “Without me, there’s just no deal.” In his blog post, Hunt spoke of his wish to build out the service and reach a larger audience. But, he told me, it was not about the money
As its sole custodian, Hunt said that as long as someone kept paying the bills, Have I Been Pwned would live on. “But there was no survivorship model to it,” he admitted. “I’m just one person doing this.”
By selling Have I Been Pwned, the goal was a more sustainable model that took the pressure off him, and, he joked, the site wouldn’t collapse if he got eaten by a shark, an occupational hazard for living in Australia.
But chief above all, the buyer had to be the perfect fit.
Hunt met with dozens of potential buyers, and many in Silicon Valley. He knew what the buyer would look like, but he didn’t yet have a name. Hunt wanted to ensure that whomever bought Have I Been Pwned upheld its reputation.
“Imagine a company that had no respect for personal data and was just going to abuse the crap out of it,” he said. “What does that do for me?” Some potential buyers were driven by profits. Hunt said any profits were “ancillary.” Buyers were only interested in a deal that would tie Hunt to their brand for years, buying the exclusivity to his own recognition and future work — that’s where the value in Have I Been Pwned is.
Hunt was looking for a buyer with whom he knew Have I Been Pwned would be safe if he were no longer involved. “It was always about a multiyear plan to try and transfer the confidence and trust people have in me to some other organizations,” he said.
Hunt testifies to the House Energy Subcommittee on Capitol Hill in Washington, Thursday, Nov. 30, 2017. (AP Photo/Carolyn Kaster)
The vetting process and due diligence was “insane,” said Hunt. “Things just drew out and drew out,” he said. The process went on for months. Hunt spoke candidly about the stress of the year. “I separated from my wife early last year around about the same time as the [sale process],” he said. They later divorced. “You can imagine going through this at the same time as the separation,” he said. “It was enormously stressful.”
Then, almost a year later, Hunt announced the sale was off. Barred from discussing specifics thanks to non-disclosure agreements, Hunt wrote in a blog post that the buyer, whom he was set on signing with, made an unexpected change to their business model that “made the deal infeasible.”
“It came as a surprise to everyone when it didn’t go through,” he told me. It was the end of the road.
Looking back, Hunt maintains it was “the right thing” to walk away. But the process left him back at square one without a buyer and personally down hundreds of thousands in legal fees.
After a bruising year for his future and his personal life, Hunt took time to recoup, clambering for a normal schedule after an exhausting year. Then the coronavirus hit. Australia fared lightly in the pandemic by international standards, lifting its lockdown after a brief quarantine.
Hunt said he will keep running Have I Been Pwned. It wasn’t the outcome he wanted or expected, but Hunt said he has no immediate plans for another sale. For now it’s “business as usual,” he said.
In June alone, Hunt loaded over 102 million records into Have I Been Pwned’s database. Relatively speaking, it was a quiet month.
“We’ve lost control of our data as individuals,” he said. But not even Hunt is immune. At close to 10 billion records, Hunt has been ‘pwned’ more than 20 times, he said.
Earlier this year Hunt loaded a massive trove of email addresses from a marketing database — dubbed ‘Lead Hunter’ — some 68 million records fed into Have I Been Pwned. Hunt said someone had scraped a ton of publicly available web domain record data and repurposed it as a massive spam database. But someone left that spam database on a public server, without a password, for anyone to find. Someone did, and passed the data to Hunt. Like any other breach, he took the data, loaded it in Have I Been Pwned, and sent out email notifications to the millions who have subscribed.
“Job done,” he said. “And then I got an email from Have I Been Pwned saying I’d been pwned.”
He laughed. “It still surprises me the places that I turn up.”
Related stories:
Powered by WPeMatico
With a large proportion of knowledge workers doing now doing their jobs from home, the need for tools to help them feel connected to their profession can be as important as tools to, more practically, keep them connected. Today, a company that helps do precisely that is announcing a growth round of funding after seeing engagement on its platform triple in the last month.
GO1.com, an online learning platform focused specifically on professional training courses (both those to enhance a worker’s skills as well as those needed for company compliance training), is today announcing that it has raised $40 million in funding, a Series C that it plans to use to continue expanding its business. The startup was founded in Brisbane, Australia and now has operations also based out of San Francisco — it was part of a Y Combinator cohort back in 2015 — and more specifically, it wants to continue growth in North America, and to continue expanding its partner network.
GO1 not disclosing its valuation but we are asking. It’s worth pointing out that not only has it seen engagement triple in the last month as companies turn to online learning to keep users connected to their professional lives even as they work among children and house pets, noisy neighbours, dirty laundry, sourdough starters, and the rest (and that’s before you count the harrowing health news we are hit with on a regular basis). But even beyond that, longer term GO1 has shown some strong signs that speak of its traction.
It counts the likes of the University of Oxford, Suzuki, Asahi and Thrifty among its 3,000+ customers, with more than 1.5 million users overall able to access over 170,000 courses and other resources provided by some 100 vetted content partners. Overall usage has grown five-fold over the last 12 months. (GO1 works both with in-house learning management systems or provides its own.)
“GO1’s growth over the last couple of months has been unprecedented and the use of online tools for training is now undergoing a structural shift,” said Andrew Barnes, CEO of GO1, in a statement. “It is gratifying to fill an important void right now as workers embrace online solutions. We are inspired about the future that we are building as we expand our platform with new mediums that reach millions of people every day with the content they need.”
The funding is coming from a very strong list of backers: it’s being co-led by Madrona Venture Group and SEEK — the online recruitment and course directory company that has backed a number of edtech startups, including FutureLearn and Coursera — with participation also from Microsoft’s venture arm M12; new backer Salesforce Ventures, the investing arm of the CRM giant; and another previous backer, Our Innovation Fund.
Microsoft is a strategic backer: GO1 integrated with Teams, so now users can access GO1 content directly via Microsoft’s enterprise-facing video and messaging platform.
“GO1 has been critical for business continuity as organizations navigate the remote realities of COVID-19,” said Nagraj Kashyap, Microsoft Corporate Vice President and Global Head of M12, in a statement. “The GO1 integration with Microsoft Teams offers a seamless learning experience at a time when 75 million people are using the application daily. We’re proud to invest in a solution helping keep employees learning and businesses growing through this time.”
Similarly, Salesforce is also coming in as a strategic, integrating this into its own online personal development products and initiatives.
“We are excited about partnering with GO1 as it looks to scale its online content hub globally. While the majority of corporate learning is done in person today, we believe the new digital imperative will see an acceleration in the shift to online learning tools. We believe GO1 fits well into the Trailhead ecosystem and our vision of creating the life-long learner journey,” said Rob Keith, Head of Australia, Salesforce Ventures, in a statement.
Working remotely has raised a whole new set of challenges for organizations, especially those whose employees typically have never before worked for days, weeks and months outside of the office.
Some of these have been challenges of a more basic IT nature: getting secure access to systems on the right kinds of machines and making sure people can communicate in the ways that they need to to get work done.
But others are more nuanced and long-term but actually just as important, such as making sure people remain in a healthy state of mind about work. Education is one way of getting them on the right track: professional development is not only useful for the person to do her or his job better, but it’s a way to motivate people, to focus their minds, and take a rest from their routines, but in a way that still remains relevant to work.
GO1 is absolutely not the only company pursuing this opportunity. Others include Udemy and Coursera, which have both come to enterprise after initially focusing more on traditional education plays. And LinkedIn Learning (which used to be known as Lynda, before LinkedIn acquired it and shifted the branding) was a trailblazer in this space.
For these, enterprise training sits in a different strategic place to GO1, which started out with compliance training and onboarding of employees before gravitating into a much wider set of topics that range from photography and design, through to Java, accounting, and even yoga and mindfulness training and everything in between.
It’s perhaps the directional approach, alongside its success, that have set GO1 apart from the competition and that has attracted the investment, which seems to have come ahead even of the current boost in usage.
“We met GO1 many months before COVID-19 was on the tip of everyone’s tongue and were impressed then with the growth of the platform and the ability of the team to expand their corporate training offering significantly in North America and Europe,” commented S. Somasegar, managing director, Madrona Venture Group, in a statement. “The global pandemic has only increased the need to both provide training and retraining – and also to do it remotely. GO1 is an important link in the chain of recovery.” As part of the funding Somasegar will join the GO1 board of directors.
Notably, GO1 is currently making all COVID-19 related learning resources available for free “to help teams continue to perform and feel supported during this time of disruption and change,” the company said.
Powered by WPeMatico
Ettitude, the Los Angeles-based, direct-to-consumer startup making sustainable bedding and sleepwear from bamboo fibers, has raised a sustainably sized round that should keep the company going even in the face of an economic recession.
Co-founded by the Melbourne, Australia native Phoebe Yu and serial entrepreneur Kat Dey, ettitude sells high-end bamboo bedding made using a process she first heard about in her old job working as an exporter helping chain stores source textiles in China.
Sourced from a factory in Zhejiang, China, near Shanghai, the bamboo textiles are made using non-toxic solvents and a closed-loop system that reuses water for the process, according to Yu.
Yu started selling the cleanBamboo-branded bedding under the ettitude label in Melbourne first, but when she saw the orders begin to pick up from the U.S. she relocated and took her company with her.
Upon arrival, Yu realized she’d need a strong co-founder with experience in branding to help her navigate the massive market in the U.S. So Yu turned to AngelList, which is where she found Dey.
A serial entrepreneur with a background in retail, whose first company TryTheWorld was acquired by EarthBox in 2017, Dey was looking for her next project.
“Phoebe sent me a sample and I had the best night of sleep in my life,” Dey said. From then on the two co-founders began the long, hard slog of marketing their business.
Sales are growing, according to the two women, and the company’s chances have certainly been improved by the capital infusion from Drumbeat Ventures and TA Ventures, a European female-founded fund focusing on technology innovation.
The $1.6 million financing will be used to boost sales and marketing as the company expands beyond bedding — with an average price of $178 for a queen-sized sheet set — and into sleepwear and other categories.
“Phoebe, Kat and their brand, ettitude, are as genuine a combination of passion, purpose, and proprietary product that I’ve seen in the marketplace in my 20 years,” said Drumbeat Ventures founder, Adam Burgoon, in a statement. “They are perfectly positioned to bring their mission of sustainability and comfort to a broader audience.”
Powered by WPeMatico
The UK may be rethinking its decision to shun Apple and Google’s API for its national coronavirus contacts tracing app, according to the Financial Times, which reported yesterday that the government is paying an IT supplier to investigate whether it can integrate the tech giants’ approach after all.
As we’ve reported before coronavirus contacts tracing apps are a new technology which aims to repurpose smartphones’ Bluetooth signals and device proximity to try to estimate individuals’ infection risk.
The UK’s forthcoming app, called NHS COVID-19, has faced controversy because it’s being designed to use a centralized app architecture. This means developers are having to come up with workarounds for platform limitations on background access to Bluetooth as the Apple-Google cross-platform API only works with decentralized systems.
The choice of a centralized app architecture has also raised concerns about the impact of such an unprecedented state data grab on citizens’ privacy and human rights, and the risk of state ‘mission creep‘.
The UK also looks increasingly isolated in its choice in Europe after the German government opted to switch to a decentralized model, joining several other European countries that have said they will opt for a p2p approach, including Estonia, Ireland and Switzerland.
In the region, France remains the other major backer of a centralized system for its forthcoming coronavirus contacts tracing app, StopCovid.
Apple and Google, meanwhile, are collaborating on a so-called “exposure notification” API for national coronavirus contacts tracing apps. The API is slated to launch this month and is designed to remove restrictions that could interfere with how contact events are logged. However it’s only available for apps that don’t hold users’ personal data on central servers and prohibits location tracking, with the pair emphasizing that their system is designed to put privacy at the core.
Yesterday the FT reported that NHSX, the digital transformation branch of UK’s National Health Service, has awarded a £3.8M contract to the London office of Zuhlke Engineering, a Switzerland-based IT development firm which was involved in developing the initial version of the NHS COVID-19 app.
The contract includes a requirement to “investigate the complexity, performance and feasibility of implementing native Apple and Google contact tracing APIs within the existing proximity mobile application and platform”, per the newspaper’s report.
The work is also described as a “two week timeboxed technical spike”, which the FT suggests means it’s still at a preliminary phase — thought it also notes the contract includes a deadline of mid-May.
The contracted work was due to begin yesterday, per the report.
We’ve reached out to Zuhlke for comment. Its website describes the company as “a strong solutions partner” that’s focused on projects related to digital product delivery; cloud migration; scaling digital platforms; and the Internet of Things.
We also put questions arising from the FT report to NHSX.
At the time of writing the unit had not responded but yesterday a spokesperson told the newspaper: “We’ve been working with Apple and Google throughout the app’s development and it’s quite right and normal to continue to refine the app.”
The specific technical issue that appears to be causing concern relates to a workaround the developers have devised to try to circumvent platform limitations on Bluetooth that’s intended to wake up phones when the app itself is not being actively used in order that the proximity handshakes can still be carried out (and contacts events properly logged).
Thing is, if any of the devices fail to wake up and emit their identifiers so other nearby devices can log their presence there will be gaps in the data. Which, in plainer language, means the app might miss some close encounters between users — and therefore fail to notify some people of potential infection risk.
Recent reports have suggested the NHSX workaround has a particular problem with iPhones not being able to wake up other iPhones. And while Google’s Android OS is the more dominant platform in the UK (running on circa ~60% of smartphones, per Kantar) there will still be plenty of instances of two or more iPhone users passing near each other. So if their apps fail to wake up they won’t exchange data and those encounters won’t be logged.
On this, the FT quotes one person familiar with the NHS testing process who told it the app was able to work in the background in most cases, except when two iPhones were locked and left unused for around 30 minutes, and without any Android devices coming within 60m of the devices. The source also told it that bringing an Android device running the app close to the iPhone would “wake up” its Bluetooth connection.
Clearly, the government having to tell everyone in the UK to use an Android smartphone not an iPhone wouldn’t be a particularly palatable political message.
This is effectively a form of Android Herd Immunity: for the good of Britain, vaccinate your friends by giving them Androids!
— Michael Veale (@mikarv) May 5, 2020
One source with information about the NHSX testing process told us the unit has this week been asking IT suppliers for facilities or input on testing environments with “50-100 Bluetooth devices of mixed origin”, to help with challenges in testing the Bluetooth exchanges — which raises questions about how extensively this core functionality has been tested up to now. (Again, we’ve put questions to the NHSX about testing and will update this report with any response.)
Work on planning and developing the NHS COVID-19 app began March 7, according to evidence given to a UK parliamentary committee by the NHSX CEO’s, Matthew Gould, last month.
Gould has also previously suggested that the app could be “technically” ready to launch in as little as two or three weeks time from now. While a limited geographical trial of the app kicked off this week in the Isle of Wight. Prior to that, an alpha version of the app was tested at an RAF base involving staff carrying out simulations of people going shopping, per a BBC report last month.
Gould faced questions over the choice of centralized vs decentralized app architecture from the human rights committee earlier this week. He suggested then that the government is not “locked” to the choice — telling the committee: “We are constantly reassessing which approach is the right one — and if it becomes clear that the balance of advantage lies in a different approach then we will take that different approach. We’re not irredeemably wedded to one approach; if we need to shift then we will… It’s a very pragmatic decision about what approach is likely to get the results that we need to get.”
However it’s unclear how quickly such a major change to app architecture could be implemented, given centralized vs decentralized systems work in very different ways.
Additionally, such a big shift — more than two months into the NHSX’s project — seems, at such a late stage, as if it would be more closely characterized as a rebuild, rather than a little finessing (as suggested by the NHSX spokesperson’s remark to the FT vis-a-vis ‘refining’ the app).
In related news today, Reuters reports that Colombia has pulled its own coronavirus contacts tracing app after experiencing glitches and inaccuracies. The app had used alternative technology to power contacts logging via Bluetooth and wi-fi. A government official told the news agency it aims to rebuild the system and may now use the Apple-Google API.
Australia has also reported Bluetooth related problems with its national coronavirus app. And has also been reported to be moving towards adopting the Apple-Google API.
While, Singapore, the first country to launch a Bluetooth app for coronavirus contacts tracing, was also the first to run into technical hitches related to platform limits on background access — likely contributing to low download rates for the app (reportedly below 20%).
Powered by WPeMatico
In a small suburb of Melbourne, two entrepreneurs are developing a technology that could mean big changes for the packaging industry.
Stuart Gordon and Mark Appleford are the co-founders of Varden, a company that has developed a process to take the waste material from sugarcane and convert it into a paper-like packaging product with the functional attributes of plastic.
Their technology managed to grab the attention of — and $2.2 million in funding from — Horizons Ventures, the venture capital fund managing the money of Li Ka-shing, one of the world’s wealthiest men.
It’s an opportune time to launch a novel packaging technology, as the European Union has already instituted a ban on single-use plastic items, which will go into effect in 2021. Taking their lead, companies like Nestlé and Walmart have pledged to use only sustainable packaging for products beginning in 2025.
The environmental toll that packaging takes on the earth’s habitats is already a concern for many, and the urgency to find a solution is only mounting with consumers and businesses actually producing more waste in the rush to change consumer behavior and socially distance as a result of the COVID-19 global pandemic.
“I like technologies that focus on carbon reductions,” said Chris Liu, Horizons Ventures’ representative in Australia.
A longtime tech and product executive who had stints at Intel and Fjord, a digital design studio, Liu relocated to Australia recently and has actually taken himself off the grid.
Living in Western Australia, the climate emergency was brought directly to the top of Liu’s mind when the wildfires, which raged through the country, came within two kilometers of his new home.
For Mark Appleford, it wasn’t so much the fires as it was the garbage that kept washing up on the shores of his beloved beaches.
Over beers at a barbecue he began talking to his eventual co-founder, Stuart Gordon, about the environmental problem they’d solve if they had the ability to change things. They settled on plastics.
Working in Appleford’s laundry room they started developing the technology that would become Varden. That early laundry room-work in 2015 led to a small seed round and the company’s long slog to get an initial product in the hands of test customers.
Finagling some time with the New Zealand manufacturer Fisher and Paykel, the two co-founders put together an early prototype of their coffee pods made from sugarcane bagasse, a waste byproduct of the sugar feedstock.
“We worked backwards through customers to supply chain, which led us to material selection, which was something that would allow us to create a product that people understood,” said Gordon.
The production process has evolved to fit inside a 40-foot container that holds the firm’s machine, which takes agricultural waste and converts that waste into packaging.

Instead of using rollers like a paper mill, Varden’s technology uses a thermoform to mold the plant waste into a product that has the same properties as plastic.
It removes a complicated step that’s been essential to the current crop of bioplastics, which use bacteria to convert plant waste into plastic substitutes that are then sold to the industry.
“It looks like paper… you can tear it in half and it sounds like paper when you rip it, and you can throw it in the bin,” said Appleford.
Gordon said that the company’s containers are outperforming commodity based plastics. And the first target for replacement, the founders said, is coffee capsules.
“We went for coffee because it’s the hardest,” said Appleford.
It’s also a huge market, according to the company. Varden estimates there are more than 20 billion coffee pods consumed every year.
With the new money, Varden will begin manufacturing at scale to meet initial demand from pilot customers and is hoping to expand its product line to include medical blister packs in addition to the coffee pods.
“A pilot plant on the products we’re looking at is a pilot plant that can generate 20 million units a year,” said Gordon.
Both men are hoping that their product — and others like it — can usher in a generation of new sustainable packaging materials that are better for the environment at every stage of their life cycle.
“The next generation of packaging will be better… there are plant-based flexibles for your salads, for your potato chips… [But] the next generation of molded packaging is us… bioplastic will ultimately go.”
Powered by WPeMatico
Sonos has launched its first in-house music streaming offering: Sonos Radio, a digital streaming radio service that includes both existing radio stations from TuneIn and iHeartRadio, as well as its own original programming through three new products including two ad-free offerings and one ad-supported option.
The original streaming options from Sonos include Sonos Sound System; an ad-free single station hosted by Sonos itself, that will play “new and well-known” music, along with snippets of stories from artists about their music, as well as hours guest-hosted by select artists themselves. Sonos says this is all about mixing crowd-pleasers with the occasional song you might’ve missed, in a bid to create a single stream that will have broad appeal.
There’s also Artist Stations, which also don’t have any ads, and which are hand-curated by artists and feature a selection of songs they love or that have inspired them. The first such station, debuting with the Sonos Radio launch, is Thom Yorke’s ‘In the Absence Thereof…’, and there are more to follow in the “coming weeks,” including stations from Brittany Howard of Alabama Shakes, David Byrne and more.
The final component of the original Sonos streaming content is Sonos Stations, which include over 30 dedicated genre stations. These are also free, but are ad-supported, so you’ll hear the occasional promotional message throughout the stream, kind of like you get with Spotify’s free tier.
To date, Sonos has acted strictly as an integrator for the services of others, operating the platform layer to provide in-house, multi-room streaming via its Sonos speaker and audio equipment products. This marks its first foray into doing something on the services side, so it’s a big change. I asked about whether this signals further moves into streaming, including through a potential paid premium offering with on-demand content, which would more directly compete with some of its biggest partners including Apple, Google and Spotify, and Sonos Product Marketing Director Ryan Richards didn’t shut the door on that possibility.
“This is about lean-back listening, it’s about discovery,” he said. “There are a lot of options for active listening out there, too, and so what we’re really focused on is first and foremost making the best possible radio service for our customers. In the future, we’ll see how that changes, but that’s what we’re focused on now.”
At launch, the global radio option backed by iHeartRadio and TuneIn will be available globally, but Sonos Radio’s original products will only be available in the U.S., Canada, the U.K., Ireland and Australia, with the company planning to expand availability in future. Its in-house offerings are powered by a deal with Napster to use their streaming catalog, and Richards told me that that arrangement also bounds the availability of the services. Sonos is working on signing up additional streaming licensing partners for an expanded geographic footprint and catalogue size, however.
The new Sonos Radio features won’t be compatible with voice control via either Google Assistant or Amazon’s Alexa on Sonos hardware that supports that at launch, though Richards says the company is looking at adding that as a future feature update. Sonos also acquired a startup that built its own smart voice assistant last November, so that could potentially still result in another in-house offering to lessen its reliance on partners at some point in the future.
To get access, anyone with a Sonos system should see the new offering in their Sonos app via a software update available today.
Powered by WPeMatico
Energy demand has fallen globally. Oil prices are plummeting. Everywhere in the energy world things look fairly grim, but keeping the lights on and electrons moving remains critical to keeping even the hobbled economies of the world humming.
That’s why startups like Amperon, which use data analysis to provide predictive tools for energy retailers and grid operators, are still relevant — and still raising money.
The company raised $2 million in a round that closed in February before the pandemic hit U.S. shores. And the service, according to co-founder Abe Stanway, is still vital.
“We tell them how much electricity their customers are going to use on a short-term and long-term basis,” Stanway said of the company’s service. “When these exogenous shocks and black swan events occur we get much more valuable because you need this machine learning in order to understand how the grid is going to behave.”
The value proposition was clear to investors like Blackhorn Ventures, which led the round, and other backers, including Garuda Ventures, Intelis Capital, Powerhouse Ventures, SK Ventures and V1.VC.
“Amperon builds real-time operational grid intelligence tools via smart meters and AI for utilities, energy retailers, grid operators and institutional traders,” said Emily Kirsch, Powerhouse founder and chief executive. “Amperon’s iterative demand forecasting is able to account for never-before-seen grid volatility resulting from a global pandemic, climate disasters or an increasingly complex grid.”
Amperon is working with four major geographies, including Australia’s two major grid regions and the ERCOT regional transmission organization responsible for Texas, and PJM, which manages the mid-Atlantic’s electricity grid.
Stanway said the new money would be used to expand the company’s reach across more grid operators in the U.S.
While Amperon’s technology is incredibly useful for utilities and grid operators during times of crisis, it can help save money in normal times too. Long-term utility planners typically over-budget their energy needs by 1% every year, which adds up to billions of dollars spent on unnecessary additional generation capacity, according to Amperon.
Lower spending means reduced electricity prices for consumers. Another issue that Amperon says it can help energy providers address is the increasing complexity of grid management. Renewable energy generation adds variability to the grid that utilities and grid operators have yet to effectively manage, the company said.
Powered by WPeMatico
Airwallex, a Melbourne-based cross-border financial startup that achieved “unicorn” status last year, announced today that it has raised a $160 million Series D. The round included ANZi Ventures, the investment arm of ANZ Bank, and Salesforce Ventures, along with returning investors DST Global, Tencent, Sequoia Capital China, Hillhouse Capital and Horizons Ventures.
Founded in 2015, the company’s financial services include foreign currency accounts that let businesses receive money from around the world. Airwallex’s system uses inter-bank exchanges to trade foreign currencies at a mid-market rate and targets companies that do business in several different countries. The new funding will be used on potential acquisitions; expansion in American, European and Middle Eastern markets; and the launch of new products, including payment acceptance tools.
Airwallex reached a valuation of more than $1 billion last year when it closed its Series C funding, and has now raised a total of $360 million. Since that round, it has launched new operations in Tokyo, Bangalore and Dubai, and introduced products including Airwallex Borderless Cards in partnership with Visa and integration with accounting platform Xero. The company also now offers an API that enables companies to issue their own virtual cards.
In a press statement, Salesforce Ventures’ head of Australia Rob Keith said, “Being able to transact and do business with customers all over the world is a key criteria for companies who are going through a digital transformation. We’re excited to partner with Airwallex at this critical time in its growth, expanding both its footprint globally and its product capabilities.”
Other startups that have also raised funding to help small to medium-sized businesses deal with the challenges of doing trade in different currencies include Brex, another unicorn, and Hong Kong-based Neat.
Powered by WPeMatico
Google Cloud today announced its plans to open four new data center regions. These regions will be in Delhi (India), Doha (Qatar), Melbourne (Australia) and Toronto (Canada) and bring Google Cloud’s total footprint to 26 regions. The company previously announced that it would open regions in Jakarta, Las Vegas, Salt Lake City, Seoul and Warsaw over the course of the next year. The announcement also comes only a few days after Google opened its Salt Lake City data center.
GCP already had a data center presence in India, Australia and Canada before this announcement, but with these newly announced regions, it now offers two geographically separate regions for in-country disaster recovery, for example.
Google notes that the region in Doha marks the company’s first strategic collaboration agreement to launch a region in the Middle East with the Qatar Free Zones Authority. One of the launch customers there is Bespin Global, a major managed services provider in Asia.
“We work with some of the largest Korean enterprises, helping to drive their digital transformation initiatives. One of the key requirements that we have is that we need to deliver the same quality of service to all of our customers around the globe,” said John Lee, CEO, Bespin Global. “Google Cloud’s continuous investments in expanding their own infrastructure to areas like the Middle East make it possible for us to meet our customers where they are.”
Powered by WPeMatico
Cisco today announced that it has acquired Exablaze, an Australia-based company that designs and builds advanced networking gear based on field programmable gate arrays (FPGAs). The company focuses on solutions for businesses that need ultra-low latency networking, with a special emphasis on high-frequency trading. Cisco plans to integrate Exablaze’s technology into its own product portfolio.
“By adding Exablaze’s segment leading ultra-low latency devices and FPGA-based applications to our portfolio, financial and HFT customers will be better positioned to achieve their business objectives and deliver on their customer value proposition,” writes Cisco’s head of corporate development Rob Salvagno.
Founded in 2013, Exablaze has offices in Sydney, New York, London and Shanghai. While financial trading is an obvious application for its solutions, the company also notes that it has users in the big data analytics, high-performance computing and telecom space.
Cisco plans to add Exablaze to its Nexus portfolio of data center switches. The company also argues that in addition to integrating Exablaze’s current portfolio, the two companies will work on next-generation switches, with an emphasis on creating opportunities for expanding its solutions into AI and ML segments.
“The acquisition will bring together Cisco’s global reach, extensive sales and support teams, and broad technology and manufacturing base, with Exablaze’s cutting-edge low-latency networking, layer 1 switching, timing and time synchronization technologies, and low-latency FPGA expertise,” explains Exablaze co-founder and chairman Greg Robinson.
Cisco, which has always been quite acquisitive, has now made six acquisitions this year. Most of these were software companies, but with Acacia Communications, it also recently announced its intention to acquire another fabless semiconductor company that builds optical interconnects.
Powered by WPeMatico