operating system
Auto Added by WPeMatico
Auto Added by WPeMatico
An iPhone hacking team has released a new jailbreak tool for almost every iPhone, including the most recent models, by using the same vulnerability that Apple last month said was under active attack by hackers.
The Unc0ver team released its latest jailbreak this weekend, and says it works on iOS 11 (iPhone 5s and later) to iOS 14.3, which Apple released in December.
Jailbreaking is a cat-and-mouse game between security researchers who want greater control and customizations over their phones, and Apple, which says it locks down iPhones for security. Hackers build jailbreak tools by finding and exploiting vulnerabilities that can lift some of the restrictions that Apple puts in place, like installing apps outside of its app store, which most Android users are already used to.
In a tweet, the jailbreak group said it used its “own exploit” for CVE-2021-1782, a kernel vulnerability that Apple said was one of three flaws that “may have been actively exploited” by hackers. By targeting the kernel, the hackers are able to get deep hooks into the underlying operating system.
Apple fixed the vulnerability in iOS 14.4, released last month, which also prevents the jailbreak from working on later versions. It was a rare admission that the iPhone was under active attack by hackers, but the company declined to say who the hackers were and who they were targeting. Apple also granted anonymity to the researcher who submitted the bug.
The group’s last jailbreak, which supported iPhones running iOS 11 to iOS 13.5, was fixed in a matter of days last year. Apple works quickly to understand and fix the vulnerabilities found by jailbreak groups, since these same vulnerabilities can be exploited maliciously.
Security experts generally advise iPhone users against jailbreaking because it makes the device more vulnerable to attacks. And while keeping your phone up to date may introduce security fixes that remove the jailbreak, it’s one of the best ways of keeping your device secure.
Early Stage is the premiere “how-to” event for startup entrepreneurs and investors. You’ll hear firsthand how some of the most successful founders and VCs build their businesses, raise money and manage their portfolios. We’ll cover every aspect of company-building: Fundraising, recruiting, sales, legal, PR, marketing and brand building. Each session also has audience participation built-in — there’s ample time included in each for audience questions and discussion.
Powered by WPeMatico
Titan, a startup that is building a retail investment management platform aimed at millennials, has closed on $12.5 million in a Series A round led by VC heavyweight General Catalyst.
A bevy of other investors put money in the round, including Sound Ventures (actor Ashton Kutcher and Guy Oseary’s VC firm), Scribble VC, BoxGroup, Y Combinator, South Park Commons, Instagram founder Mike Krieger, Lee Fixel and others.
Titan is hoping to build on the momentum it saw in 2020, during which it grew revenue, customers and assets under management by 600%, “with effectively no marketing budget, according to co-founder Joe Percoco. The New York-based company says it’s approaching $500 million in assets under management and was cash flow positive last year.
Percoco met co-CEO Clay Gardner while the pair were at the Wharton School of the University of Pennsylvania.
“We came from two different backgrounds with respect to investing,” Percoco recalled. “He was the type that bought his first shares of stock at the ages of 11 and 12. I’m the exact opposite and couldn’t invest myself until after Goldman Sachs, where I went to work after Penn.”
Because the duo both worked in the industry, they found that friends and family were always asking them how they should manage their capital.
“We were sending them to ETFs and mutual funds in our day jobs,” Percoco said. “But we realized they did not have the same access to investing that the wealthier did.”
Frustrated with only helping the rich get richer, the pair founded Titan in 2017 with the goal of disrupting what they viewed as “an archaic industry. They’ve since built an operating system aimed at giving “everyday investors access to the types of investment products and experiences that they’ve historically been locked out of.” Or, as they describe, it a mobile version of what investment giants Fidelity and BlackRock created decades ago.
Titan’s capital management platform is designed for both accredited and unaccredited investors. The company says it provides access to services that would historically require a $1 million minimum, such as direct portfolio manager access. It charges a fee amounting to just 1% of assets, compared to the 2% – and in some cases 20% of profits – that legacy players charge.
“We believe Fidelity 2.0 will be direct-to-consumer with no walls and no black boxes,” Percoco said.
(For the unacquainted, according to Investopedia, black box accounting is the deliberate use of complex bookkeeping methodologies to make interpreting financial statements challenging and time-consuming.)
Its simplicity sets it apart. Titan chooses stocks via its “proprietary and discretionary” research process based on the principals’ previous experience.
The startup currently offers two stock-focused strategies on its platform,
One of those strategies, called Flagship, is focused on large cap growth. The other, called Opportunities, focuses on smaller, under-the-radar companies.
Titan’s core customer is the young professional in the 25-35 age range.
“They’re already investing money somewhere, even if not that much of their money,” Gardner said. “But they’re well attuned to the reasons they should be… And, most asset management products remain in the Stone Age, offering 90-page prospectuses and black-box client experiences.”
As former TC editor Josh Constine explained when the company raised a $2.5 million seed round in October 2018, Titan differs from Robinhood or E*Trade, where users essentially are left to fend for themselves. But clients also have some control, unlike passive options such as Wealthfront and Betterment.
Looking ahead, Titan plans to use its new capital to scale its engineering and investment team, as well as make “significant investments” in product, marketing and operations. It also plans to launch several investment products across a variety of asset classes.
“Many legacy players are hungry to have an OS to serve more folks they historically could not,” Percoco said. “We’re getting inbounds from legacy players in the space seeking to manage capital for new generations and realizing it will shift to mobile operating systems like Titan’s. Eventually, we can enable them to build their own investment products on Titan.”
Katherine Boyle, partner at General Catalyst and Titan board member, said she was struck by Percoco and Gardner’s “deep empathy” for investors who are often overlooked — such as millennials and new investors “who have cash sitting in their checking accounts and want expert management but don’t know where to go.”
“They don’t want to be stock pickers but they don’t want a set-it-and-forget-it product,” Boyle said. “There’s another level of sophistication with actively managed products where the best managers are making investment decisions on behalf of those who can afford it. But there’s no reason why retail investors should be excluded from this model.”
She thinks Titan can capitalize on what she believes is millennials’ “deep lack of trust” in legacy institutions.
“We need new institutions like Titan to combat this lack of trust,” Boyle said. “And these new institutions need to have incentives that are aligned with their clients, not with hedge funds or banks.”
Powered by WPeMatico
Picture yourself in the role of CIO at Roblox in 2017.
At that point, the gaming platform and publishing system that launched in 2005 was growing fast, but its underlying technology was aging, consisting of a single data center in Chicago and a bunch of third-party partners, including AWS, all running bare metal (nonvirtualized) servers. At a time when users have precious little patience for outages, your uptime was just two nines, or less than 99% (five nines is considered optimal).
Unbelievably, Roblox was popular in spite of this, but the company’s leadership knew it couldn’t continue with performance like that, especially as it was rapidly gaining in popularity. The company needed to call in the technology cavalry, which is essentially what it did when it hired Dan Williams in 2017.
Williams has a history of solving these kinds of intractable infrastructure issues, with a background that includes a gig at Facebook between 2007 and 2011, where he worked on the technology to help the young social network scale to millions of users. Later, he worked at Dropbox, where he helped build a new internal network, leading the company’s move away from AWS, a major undertaking involving moving more than 500 petabytes of data.
When Roblox approached him in mid-2017, he jumped at the chance to take on another major infrastructure challenge. While they are still in the midst of the transition to a new modern tech stack today, we sat down with Williams to learn how he put the company on the road to a cloud-native, microservices-focused system with its own network of worldwide edge data centers.
Powered by WPeMatico
Google today announced the launch of Android 11, the latest version of its mobile operating system. After a slightly longer public preview, users who own a select number of Pixel devices (starting with the Pixel 2), OnePlus, Xiaomi, OPPO or realme phones will now see the update roll out to their phones in the coming days, with others launching their updates over the next few months.
Android 11 isn’t a radical departure from what you’ve come to expect in recent years, but there are a number of interesting new user-facing updates here that mostly center around messaging, privacy and giving you better control over all of your smart devices.
At the core of the improved messaging and communication features are improved notifications for conversations from your messaging apps. These now live in a dedicated space at the top of the notification shade and feature a more “people-forward design,” as the company describes it. The new Bubbles API now also makes chat bubbles a core part of the Android messaging experience.
One additional feature Google lists under the communications section is screen recording, which is now finally a built-in tool that lets you record what’s happening on your screen, using either the sound from your mic, the device or both. Until now, you needed third-party apps like AZ Screen Recorder for this (and you will still need these for more advanced features like live streaming, for example).
As for controlling your smart devices, Google notes how you now simply long-press your power button to get access to a new menu that gives you access to device controls (similar to what you’d find in the Google Home app, but with a different design), as well as payment methods and your boarding passes, for example. And yes, you can still restart and power off your device from there, too.
Media controls are getting a redesign, too, with the controls moving out of the notifications and to the quick settings bar instead. From there, it is now also easier to choose where you want to play your audio and video.
Over the last few years, the Android team added a number of privacy features to the operating system, but this clearly remains a moving target. With this update, the focus is on app permissions. It’s now easier to provide an app with one-time permissions to access your microphone, camera and location, helping you to ensure that an app won’t have perpetual access to your location, for example. After you haven’t used an app for a while, Android will also reset your permissions and you’ll have to re-grant access to the app the next time you launch it.
On the enterprise side, Google is also launching some new features to help employees who use some personal apps on their work phone keep their personal profile data and activity out of the hands of their company’s IT departments.
If you own a compatible phone, you should see an upgrade notification for Android 11 soon.
Powered by WPeMatico
With the launch of Android 11 getting closer, Google today launched the third and final beta of its mobile operating system ahead of its general availability. Google had previously delayed the beta program by about a month because of the coronavirus pandemic.
Since Android 11 had already reached platform stability with Beta 2, most of the changes here are fixes and optimizations. As a Google spokesperson noted, “this beta is focused on helping developers put the finishing touches on their apps as they prepare for Android 11, including the official API 30 SDK and build tools for Android Studio.”
The one exception is some updates to the Exposure Notification System contact-tracing API, which users can now use without turning on device location settings. Exposure Notification is an exception here, as all other Android apps need to have location settings on (and user permission to access it) to perform the kind of Bluetooth scanning Google is using for this API.
Otherwise, there are no surprises here, given that this has already been a pretty lengthy preview cycle. Mostly, Google really wants developers to make sure their apps are ready for the new version, which includes quite a few changes.
If you are brave enough, you can get the latest beta over the air as part of the Android Beta program. It’s available for Pixel 2, 3, 3a, 4 and (soon) 4a users.
Powered by WPeMatico
In three years Zachariah Reitano’s startup, Ro, has managed to hit a reported $1.5 billion valuation for its transformation from a company focused on treating erectile dysfunction to a telemedicine service for a range of elective and urgent care-focused treatments.
Through Rory for women’s health, Roman for men’s health and Zero for smoking cessation, Reitano and fellow co-founders Saman Rahmanian, and Rob Schutz, built a company that now treats 20 conditions, including sexual health, weight loss, dermatology, allergies and more, according to a statement from the company.
Image Credit: Zero
Ro also has a new pharmacy business, Ro Pharmacy, which is an online cash pay pharmacy offering more than 500 generic medications for just $5 per month per drug. And the company is getting into the weight loss business through a partnership with the private equity-backed healthcare company, Gelesis.
Ro’s also becoming a gateway into patient acquisition for primary care providers through Ribbon Health, and a test-case for the use of Pfizer’s Greenstone service, which provides certification that a generic drug is validated by one of the major pharmaceuticals.
The company’s $1.5 billion valuation is courtesy of a new $200 million investment from existing investors led by General Catalyst and including FirstMark Capital, Torch, SignalFire, TQ Ventures, Initialized Capital, 3L and BoxGroup. New first-time investor The Chernin Group also participated. In all, Ro has raised $376 million since it launched in 2017.
“This new investment will further our mission to become every patient’s first call. We’ll continue to invest in our vertically-integrated healthcare ecosystem, from our Collaborative Care Center to our national pharmacy operating system. This is just the beginning of Ro’s patient-centered healthcare platform.”
It’s all part of the company’s mission to provide a point of entry into the healthcare system independent of insurance qualifications.
“Telehealth companies like Ro are using technology to address long-standing healthcare disparities that have been exacerbated by COVID-19,” said Dr. Joycelyn Elders, MD, Ro Medical Advisor and Former U.S. Surgeon General. “By empowering providers to leverage their skills as efficiently and effectively as possible, Ro delivers affordable, high-quality care regardless of a patient’s location, insurance status, or physical access to physicians and pharmacies.”
Ro’s new financing is one of several forays by tech investors into reshaping the healthcare system at a time when patient care has been severely disrupted by attempts to mitigate the spread of COVID-19.
Digital medicine is assuming a central position in the healthcare world, with most consultations now occurring online. Reimbursement schemes for telemedicine have changed dramatically and investors see an opportunity to capitalize on these changes by aggressively backing the expansion plans of companies looking to bring digital healthcare directly to consumers.
That’s one of the reasons why Ro’s major competitor, Hims, is reported to be seeking access to public markets through its sale to a special purpose acquisition company for roughly $1 billion, according to Reuters.
Powered by WPeMatico
AWS has launched its own open-source operating system for running containers on both virtual machines and bare metal hosts. Bottlerocket, as the new OS is called, is basically a stripped-down Linux distribution that’s akin to projects like CoreOS’s now-defunct Container Linux and Google’s container-optimized OS. The OS is currently in its developer preview phase, but you can test it as an Amazon Machine Image for EC2 (and by extension, under Amazon EKS, too).
As AWS chief evangelist Jeff Barr notes in his announcement, Bottlerocket supports Docker images and images that conform to the Open Container Initiative image format, which means it’ll basically run all Linux-based containers you can throw at it.
One feature that makes Bottlerocket stand out is that it does away with a package-based update system. Instead, it uses an image-based model that, as Barr notes, “allows for a rapid & complete rollback if necessary.” The idea here is that this makes updates easier. At the core of this update process is “The Update Framework,” an open-source project hosted by the Cloud Native Computing Foundation.
AWS says it will provide three years of support (after General Availability) for its own builds of Bottlerocket. As of now, the project is very much focused on AWS, of course, but the code is available on GitHub and chances are we will see others expand on AWS’ work.
The company is launching the project in cooperation with a number of partners, including Alcide, Armory, CrowdStrike, Datadog, New Relic, Sysdig, Tigera, Trend Micro and Waveworks.
“Container-optimized operating systems will give dev teams the additional speed and efficiency to run higher throughput workloads with better security and uptime,” said Michael Gerstenhaber, director of Product Management at Datadog.” We are excited to work with AWS on Bottlerocket, so that as customers take advantage of the increased scale they can continue to monitor these ephemeral environments with confidence.”
Powered by WPeMatico
With the days of desert-themed releases officially behind it, Google today announced the first developer preview of Android 11, which is now available as system images for Google’s own Pixel devices, starting with the Pixel 2.
As of now, there is no way to install the updates over the air. That’s usually something the company makes available at a later stage. These first releases aren’t meant for regular users anyway. Instead, they are a way for developers to test their applications and get a head start on making use of the latest features in the operating system.
“With Android 11 we’re keeping our focus on helping users take advantage of the latest innovations, while continuing to keep privacy and security a top priority,” writes Google VP of Engineering Dave Burke. “We’ve added multiple new features to help users manage access to sensitive data and files, and we’ve hardened critical areas of the platform to keep the OS resilient and secure. For developers, Android 11 has a ton of new capabilities for your apps, like enhancements for foldables and 5G, call-screening APIs, new media and camera capabilities, machine learning, and more.”
Unlike some of Google’s previous early previews, this first version of Android 11 does actually bring quite a few new features to the table. As Burke noted, there are some obligatory 5G features like a new bandwidth estimate API, for example, as well as a new API that checks whether a connection is unmetered so apps can play higher-resolution video, for example.
With Android 11, Google is also expanding its Project Mainline lineup of updatable modules from 10 to 22. With this, Google is able to update critical parts of the operating system without having to rely on the device manufacturers to release a full OS update. Users simply install these updates through the Google Play infrastructure.
Users will be happy to see that Android 11 will feature native support for waterfall screens that cover a device’s edges, using a new API that helps developers manage interactions near those edges.
Also new are some features that developers can use to handle conversational experiences, including a dedicated conversation section in the notification shade, as well as a new chat bubbles API and the ability to insert images into replies you want to send from the notifications pane.
Unsurprisingly, Google is adding a number of new privacy and security features to Android 11, too. These include one-time permissions for sensitive types of data, as well as updates to how the OS handles data on external storage, which it first previewed last year.
As for security, Google is expanding its support for biometrics and adding different levels of granularity (strong, weak and device credential), in addition to the usual hardening of the platform you would expect from a new release.
There are plenty of other smaller updates as well, including some that are specifically meant to make running machine learning applications easier, but Google specifically highlights the fact that Android 11 will also bring a couple of new features to the OS that will help IT manage corporate devices with enhanced work profiles.
This first developer preview of Android 11 is launching about a month earlier than previous releases, so Google is giving itself a bit more time to get the OS ready for a wider launch. Currently, the release schedule calls for monthly developer preview releases until April, followed by three betas and a final release in Q3 2020.
Powered by WPeMatico
Canonical, the company behind the popular Ubuntu Linux distribution, today announced the launch of Anbox Cloud, a new platform that allows enterprises to run Android in the cloud.
On Anbox Cloud, Android becomes the guest operating system that runs containerized applications. This opens up a range of use cases, ranging from bespoke enterprise apps to cloud gaming solutions.
The result is similar to what Google does with Android apps on Chrome OS, though the implementation is quite different and is based on the LXD container manager, as well as a number of Canonical projects like Juju and MAAS for provisioning the containers and automating the deployment. “LXD containers are lightweight, resulting in at least twice the container density compared to Android emulation in virtual machines – depending on streaming quality and/or workload complexity,” the company points out in its announcements.
Anbox itself, it’s worth noting, is an open-source project that came out of Canonical and the wider Ubuntu ecosystem. Launched by Canonical engineer Simon Fels in 2017, Anbox runs the full Android system in a container, which in turn allows you to run Android application on any Linux-based platform.
What’s the point of all of this? Canonical argues that it allows enterprises to offload mobile workloads to the cloud and then stream those applications to their employees’ mobile devices. But Canonical is also betting on 5G to enable more use cases, less because of the available bandwidth but more because of the low latencies it enables.
“Driven by emerging 5G networks and edge computing, millions of users will benefit from access to ultra-rich, on-demand Android applications on a platform of their choice,” said Stephan Fabel, director of Product at Canonical, in today’s announcement. “Enterprises are now empowered to deliver high performance, high density computing to any device remotely, with reduced power consumption and in an economical manner.”
Outside of the enterprise, one of the use cases that Canonical seems to be focusing on is gaming and game streaming. A server in the cloud is generally more powerful than a smartphone, after all, though that gap is closing.
Canonical also cites app testing as another use case, given that the platform would allow developers to test apps on thousands of Android devices in parallel. Most developers, though, prefer to test their apps in real — not emulated — devices, given the fragmentation of the Android ecosystem.
Anbox Cloud can run in the public cloud, though Canonical is specifically partnering with edge computing specialist Packet to host it on the edge or on-premise. Silicon partners for the project are Ampere and Intel .
Powered by WPeMatico
Chinese tech giant Huawei has asked some of the world’s best phone hackers to a secret meeting in Munich later this month as the company tries to curry favor with global governments, TechCrunch has learned.
Sources with knowledge of the November 16 meeting said Huawei will privately present its new bug bounty program, which would allow researchers to get financial rewards for submitting security vulnerabilities. The sources said the bug bounty will be focused on past and future mobile devices, as well as its new mobile operating system, HarmonyOS, Huawei’s Android competitor.
Other phone makers, including Apple, Google and Samsung, also have bug bounties.
The move comes at a time of increased pressure on Huawei over its links to the Chinese government. Huawei has denied U.S.-led claims that it could be forced to spy on behalf of Beijing. But that hasn’t stopped the federal government from imposing sanctions and obstacles from operating in the United States. That pressure has led companies like Google from pulling its support for Android, which Huawei relies on for its phones, prompting the tech giant to find or build alternatives.
One source described the event as similar to a secret meeting hosted by Apple in August, in which the tech giant handed its most prized security researchers special “dev” iPhones to hack and find security weaknesses.
The source said that Huawei’s bug bounty meeting was likely a way to show governments that it’s willing to work with hackers and security researchers to bolster the security of its products.
Huawei, which also makes networking equipment for telecom networks, came under fire by U.K. authorities earlier this year for failing to address “serious and systematic defects” in its software at a time it’s trying to prove its technologies do not pose a national security threat.
Chase Skinner, a spokesperson for Huawei, did not respond to a request for comment.
Powered by WPeMatico