FireEye Q1 earnings in-line with expectations, but outlook light

FireEye, one of the largest and most prominent security companies on the market, reported its fiscal first quarter earnings after the bell Tuesday.

The cybersecurity giant reported first quarter loss of $78.3 million, or 38 cents a share, on revenues of $210 million (statement). FireEye reported a loss of 3 cents per share on an non-GAAP basis, in line with Wall Street expectations

FireEye’s chief executive Kevin Mandia said the company “met or exceeded our guidance ranges for all key financial metrics” for the quarter.

The company had a good quarter news-wise. In March, the company debuted its secure email gateway, released its new Windows virtual machine-based malware analysis platform, and continued to publish groundbreaking new research on prominent threat groups as well as keeping on top of global cyberattack efforts.

And, just after the quarter closed earlier this month, the company revealed a second intrusion from a nation-state backed hacker group it calls Triton.

Looking ahead, FireEye said it expects to report second quarter non-GAAP earnings between 1 cent and 3 cents with revenue between $212 and 216 million. Wall Street was expecting a second quarter outlook of 4 cents per share on revenues of $216 million.

For the full year, FireEye is expecting revenues between $880 million and $890 million.

FireEye closed the day at $16.02, up more than 1 percent. In after-hours trading, the company was trending up.

via Click on the link for the full article

Golden unveils a Wikipedia alternative focused on emerging tech and startups

Jude Gomila, who previously sold his mobile advertising company Heyzap to RNTS Media, is taking on a new challenge — building a “knowledge base” that can fill in Wikipedia’s blind spots, particularly when it comes to emerging technologies and startups.

While Gomila is officially launching Golden today, it’s already full of content about things like the latest batch of Y Combinator startups and morphogenetic engineering. And it’s already raised $5 million from Andreessen Horowitz, Gigafund, Founders Fund, SV Angel, Liquid 2 Ventures/Joe Montana, plus a long list of individual angel investors including Gomila’s Heyzap co-founder Immad Akhund.

To state the obvious: Wikipedia is an incredibly useful website, but Gomila pointed out that notable companies and technologies like SV Angel, Benchling, Lisk and Urbit don’t currently have entries. Part of the problem is what he called Wikipedia’s “arbitrary notability threshold,” where pages are deleted for not being notable enough. (Full disclosure: This is also what happened year ago to the Wikipedia page about yours truly — which I swear I didn’t write myself.)

Perhaps that threshold made sense when Wikipedia was just getting started and the infrastructure costs were higher, but Gomila said it doesn’t make sense now. In determining what should be included in Golden, he said the “more fundamental” question is more about existence: “Does this company exist? Does Anthony Ha exist?” If so, there’s a good chance that it should have a page on Golden, at least eventually.

In his blog post outlining his vision for the site, Gomila wrote:

We live in an age of extreme niches, an age when validation and completeness is more important than notability. Our encyclopedia on Golden doesn’t have limited shelf space — we eventually want to map everything that exists. Special relativity was not notable to the general public the moment Einstein released his seminal paper, but certainly was later on — could this have been the kind of topic to be removed from the world’s canon if it was discovered today?

Golden homepage

Gomila said he’s also bringing some new technologies and fresh approaches to the problem. Some of this is pretty straightforward, like allowing users to embed video, academic appears and other multimedia content onto Golden pages.

At the same time, he’s hoping to make it much easier to write and edit Golden pages. You do so in a WYSIWYG editor that doesn’t require you to know any HTML, and the site will help you with automated suggestions, for example pulling out author and title information when you’re adding a link to another site.

Gomila said that this will allow users to work much more quickly, so that “one hour spent on Golden is effectively 100 hours on other platforms.”

There’s also an emphasis on transparency, which includes features like “high resolution citations” (citations that make it extra clear which statement you’re trying to provide evidence for) and the fact that Golden account names are tied to your real identity — in other words, you’re supposed to edit pages under your own name. Gomila said the site backs this up with bot detection and “various protection mechanisms” designed to ensure that users aren’t pretending to be someone they’re not.

“I’m sure there will always be trolls up their usual tricks, but they will be on the losing side,” he told me.

AI Suggestions

If you think someone has added incorrect or misleading information to a page, you can flag it as an issue. Gomila suggested AI could also play a more editorial role by pointing out when someone is using language that’s biased or seems too close to marketing-speak.

“AI can have bias and humans can have bias,” he acknowledged, but he’s hoping that both elements working together can help Golden get closer to the truth. He added that “rather than us editorially changing things, our team will act like normal users” who can edit and flag issues.

Golden is available to users for free, without advertising. Gomila said his initial plan for making money is charging investment funds and large companies for a more sophisticated query tool.

via Click on the link for the full article

Oculus announces a VR subscription service for enterprises

Oculus is getting serious about monetizing VR for enterprise.

The company has previously sold specific business versions of the headsets, but now they’re adding a pricey annual device management subscription.

Oculus Go for business starts at $599 (64 GB) and the enterprise Oculus Quest starts at $999 (128 GB). These fees include the first year of enterprise device management and support which goes for $180 per year per device.

Here’s what that fee gets you:

This includes a dedicated software suite offering device setup and management tools, enterprise-grade service and support, and a new user experience customized for business use cases.

The new Oculus for Business launches in the fall.

via Click on the link for the full article

Developers can now verify mobile app users over WhatsApp instead of SMS

Facebook today released a new SDK that allows mobile app developers to integrate WhatsApp verification into Account Kit for iOS and Android. This will allow developers to build apps where users can opt to receive their verification codes through the WhatsApp app installed on their phone, instead through SMS.

Today, many apps give users the ability to sign up using only a phone number — a now popular alternative to Facebook Login, thanks to the social network’s numerous privacy scandals which led to fewer people choosing to use Facebook with third-party apps. Plus, using phone numbers to sign up is common with a younger generation of users who don’t have Facebook accounts — and sometimes barely use email, except for joining apps and services.

When using a phone number to sign in, the app can confirm the user by sending a verification code over SMS to the number provided. The user then enters that code to create their account. This process can also be used when logging in, as part of a multi-factor verification system where a user’s account information is combined with this extra step for added security.

While this process is straightforward and easy enough to follow, SMS is not everyone’s preferred messaging platform. That’s particularly true in emerging markets like India, where 200 million people are on WhatsApp, for example. In addition, those without an unlimited messaging plan are careful not to overuse texting when it can be avoided.

That’s where the WhatsApp SDK comes in. Once integrated into an iOS or Android app, developers can offer to send users their verification code over WhatsApp instead of text messaging. They can even choose to disable SMS verification, notes Facebook.

This is all a part of WhatsApp’s Account Kit, which is a larger set of developer tools designed to allow people to quickly register and login to apps or websites using only a phone number and email, no password required.

This WhatsApp verification codes option has been available on WhatsApp’s web SDK since late 2018, but hadn’t been available with mobile apps until today.

via Click on the link for the full article

Google employees are staging a sit-in to protest reported retaliation

Google employees are staging a sit-in tomorrow to protest the alleged retaliation at the hands of managers toward employees. The plan is to stage the sit-in tomorrow at 11 a.m.

This comes about six months after 20,000 Google employees walked out following the company’s mishandling of sexual harassment allegations.


via Click on the link for the full article

Hackers went undetected in Citrix’s internal network for six months

Hackers gained access to technology giant Citrix’s networks six months before they were discovered, the company has confirmed.

In a letter to California’s attorney general, the virtualization and security software maker said the hackers had “intermittent access” to its internal network from October 13, 2018 until March 8, 2019, two days after the FBI alerted the company to the breach.

Citrix said the hackers “removed files from our systems, which may have included files containing information about our current and former employees and, in limited cases, information about beneficiaries and/or dependents.”

Initially the company said hackers stole business documents. Now it’s saying the stolen information may have included names, Social Security numbers, and financial information.

Citrix said in a later update on April 4 that the attack was likely a result of password spraying, which attackers use to breach accounts by brute-forcing from a list of commonly used passwords that aren’t protected with two-factor authentication.

We asked Citrix how many staff were sent data breach notification letters but a spokesperson did not immediately comment.

Under California law, the authorities must be informed of a breach if more than 500 state residents are involved.

Read more:

via Click on the link for the full article

Why women are indefinitely sharing their locations

New York-based DJ and creative consultant Amrit and I are sitting at a women’s empowerment dinner waiting for her manager, Ramya Velury. Another friend of ours asks where Ramya is. “She said she was getting an Uber 15 minutes ago,” Amrit says as she unlocks her phone to check Ramya’s location.

“She’s still at home!” Ramya and Amrit share their locations with each other indefinitely through Apple’s Find My Friends app, which allows you to see a contact’s location at all times. Most of us have our locations shared with a friend.

One can easily wonder why anyone would want to allow someone complete 24-hour access to their location, especially the type who text “On my way!” before they’ve even stepped foot into the shower. However, women are foregoing privacy among their most trusted friends to offer full access to their location (more specifically, the location of their phone) at all times.

Conveniences by way of technological advances are normalizing a culture of being alone with strangers. Uber launched 10 years ago and multiple ridesharing apps followed. Tinder changed the world of online dating (and dating as a whole) with its millennial-friendly, instantly gratifying match-making. You can connect with someone nearby and be on the way to meet them as soon as you can get out the door.

We talk to strangers online, pay them to get into their cars and meet up with them alone. These developments go against every rule about strangers that our parents imbedded in our childhood brains.

Danueal Drayton, known as the “dating app murderer,” confessed to killing seven women, all of whom he met on dating apps. His criminal trial has been put on hold pending further psychiatric treatment and evaluation after a Los Angeles County judge deemed him incompetent for trial. And 24-year-old Sydney Loofe was murdered after a 2018 Tinder date.

“We utilize a network of industry-leading automated and manual moderation and review tools, systems and processes — and spend millions of dollars annually — to prevent, monitor and remove bad actors who have violated our Community Guidelines and Terms of Use from our app,” a Tinder spokesperson tells me, regarding the measures it takes to keep users safe. “These tools include automatic scans of profiles for red-flag language and images, manual reviews of suspicious profiles, activity and user-generated reports, as well as blocking email addresses, phone numbers and other identifiers.”

While these aren’t necessarily common occurrences, they are real-life horror stories nonetheless.

Sexual assault and sexual misconduct has gotten bad enough within Ubers that the company can no longer ignore it. In 2018, the company released a list of 21 types (categories, not 21 incidents) of sexual misconduct reported by drivers and riders, ranging from explicit gestures to rape.

Uber offers an option where you can share with a friend the status of your ride. The company did not respond to a request for comment about what they’re doing to combat the sexual misconduct within Ubers.

But, that’s just for cars that are actually employed by rideshare apps. Los Angeles resident and self-proclaimed introvert Erika Ramirez pointed to a crime of opportunity when a young woman got into a car that wasn’t her Uber.

“Recently, a 21-year-old woman [Samantha Josephson] was kidnapped and murdered by a man who pretended to be her Uber driver. Unfortunately, it feels like not a day goes by that you don’t hear of a case where a man kills a woman.” (That prompted Uber and Lyft to implement safety features in their apps.)

Conveniences by way of technological advances are normalizing a culture of being alone with strangers.

Ramirez is a freelance journalist and runs her indie publication ILY Magazine mainly from her one-bedroom apartment. “My schedule isn’t too set in stone. I wander to run errands, do laundry, grab food, meet with friends and go on dates at random times of the day or at night,” she says. “To be safe, I share my location with a close girlfriend, in case anything ever goes wrong during any of those instances. I let her know when I’m going on a late snack run or when I’m going on a date with someone.”

Naturally, there are concerns about sharing locations. In 2018, The New York Times reported there were 75 companies that track your location and use, sell or store it. They even illustrated how they were able to get the data and align the anonymous traveling dot to the human it belonged to based on a distinct daily routine.

“When my siblings first asked to share my location with them, I thought they were weird. It’s not like I was doing anything sketchy, but why do you need to know where I am all the time?,” Dr. Brittanny Keeler laments. She was living in Buffalo, N.Y., where she completed her residency and lived for six years. “If someone didn’t see me for 24 hours, the police would be notified. I have a bigger social circle there.”

Now she is an OBGYN in Norwalk, Conn., and newborns don’t adhere to a 9-to-5 work week. “If I deliver babies in the middle of the night, I’m getting out of work at all hours. Here, no one would know I was missing unless I didn’t show up for work.”

It wasn’t an incident or a friend or family member that caused her to reconsider sharing her location. It was one of those horror stories. “I listened to this podcast called Up And Vanished. I think it’s from 2016. It’s about a 30-year-old-woman that left a party and was supposedly going home and was never seen again. I thought to myself, I leave places alone all of the time and hopefully get home. That actual podcast is what prompted me to start sharing my location,” Keeler recalls.

Not at all as a result of Ubers, Tinders and other beneficial disruptive tech, socially, there’s a significant shift in traditional gender norms coinciding with and ultimately utilizing all of these advancements. The percentage of unpartnered adults living alone has risen from 56% in 2007 to 61% in 2017, and women are more likely to live alone than men. Sons are also more likely to live with their parents later in life than daughters, and in 2018, the median age for Americans’ first marriages was the oldest it has ever been, at 30 for men and 28 for women.

Dr. Keeler, Ramirez and Ramya are all unmarried and live alone. Amrit’s boyfriend just moved in after she lived on her own for the majority of her seven years in New York. She’s from Perth, Australia, and her family still lives there.

“Because my family is so far, Ramya is probably the closest to my family and would act responsibly in case of an emergency,” Amrit says. While Ramya is Amrit’s manager, she’s also one of her best friends, and Amrit regularly checks on her location, too. “She always stays out later. If it’s the morning, I’ll check where she is and that she’s made it home.”

It’s not just the number of women living alone that has increased, but more are also traveling alone. As recording artist Tommy Genesis’ tour DJ, it’s not unnatural for Amrit to be traveling as many days as she spends at home in New York. “I’m usually home for two to three weeks and gone for about the same,” she says. Ramirez is nearly bi-coastal, traveling to her former home of New York City once a month and sometimes spending weeks at a time there.

The New York Times just released a discouraging story connecting the dots of dangers the increased number of solo women travelers experience. In it, they highlighted a 2018 study conducted by online hostel booking site Hostelworld that showed a 45 percent increase in solo women travelers from 2015 to 2017. The bottom line of their findings: “Most countries do not comprehensively track violence against female travelers.”

This isn’t to say that women believe sharing their locations with each other will prevent violence against them. However, regardless of their awareness that Apple is not utilizing or sharing their data from Find My Friends, women are in favor of someone they trust to be able to track their every move in case something happens.

It actually may have saved Jaila Gladden’s life. After Jaila’s attacker kidnapped her from outside Atlanta and raped her in her own car, he tasked her with finding a gas station for him to rob, as he planned to take her to Michigan. She convinced him to let her use her phone to do so. She sent her location and alerted her boyfriend what was happening while “looking” for a gas station. Ultimately, police were able to find her, the car and her attacker.

While plenty of users are definitely hot and cold on location services, there is undeniable value and security in knowing someone can find you in case of emergency.

Since 2018, Apple iOS 12 securely and automatically shares location with first responders when U.S. users call 911. Now, iPhone 8s and later have the Emergency SOS feature that requires some setup but ultimately allows for an emergency call to trigger a text to a preselected group of contacts and a location alert to emergency services.

Google also has the iPhone and Android-friendly Google Trusted Contacts App, which allows users to trust and request locations from trusted contacts.

“Not only did I think it was weird that my family wanted to know where I am all the time, but our phones tracking everything in general is creepy to me,” says Dr. Keeler. “I don’t know what data collection I’m contributing to, but I do think it’s necessary for someone to have my location now.”

And it’s because of what Ramirez knows to be true: “Women have been killed by ex-boyfriends, men who’ve forced themselves on them on dates, men whose catcalling were ignored or rejected. Women have to be keenly aware of their surroundings, and sadly have a backup plan in case we are placed in harm’s way.”

via Click on the link for the full article

Open-source software use grows but risks remain, study finds

Open source software makes up more than half of enterprise codebases analyzed in 13 out of 17 industries, according to this year’s Open Source Software Risk Assessment study by the Black Duck Audit Services team at code quality analysis software provider Synopsys. But this increase in use also points to increased risk, as patches to close vulnerabilities often are not applied.

Black Duck Audits revealed open source code in 96 percent of the codebases it analyzed, and in 99 percent of codebases consisted of more than 1,000 files. The marketing tech sector led the way, with an average of 78 percent open-source code in enterprise codebases there. Internet and mobile apps were next at 74 percent, and open source accounted for 70 percent of the codebases in cybersecurity.

The most-used open-source component in 2018 was jQuery, found in 56 percent of the codebases and across almost all industries included in the study. The next most-common components found in the analysis were Bootstrap (40 percent), jQuery UI (32%) and Font Awesome (26%). jQuery, though, was also found to be most likely to have identified vulnerabilities, the study found.

The Black Duck team, which has been analyzing open-source software vulnerabilities in this report for more than 15 years, notes that the communities do a good job of issuing patches, but organizations often don’t apply them because in many cases they are not aware of the open-source components developers are bringing in to enterprise code. The Black Duck Audit Services team has found in its work doing M&A diligence that 95% of scans reveal open source that the enterprise didn’t know was there.

This year’s study found that 60 percent of the codebases analyzed had vulnerabilities, down from 78 percent in 2017. Interestingly, the report found that CVE-2000-0388, a 28-year-old high-risk vulnerability in FreeBSD first disclosed in 1990, is the oldest vulnerability found. In fact, 43 percent of the codebases analyzed in 2018 had vulnerabilities that have been known for more than 10 years.

Further, the study revealed that 85 percent of the open-source components found in enterprise codebases were more than four years out of date, and had no development activity in the past two years.

Another challenge of using open-source is that there can be licensing conflicts. The study found that 68 percent of the codebases used components that had license conflicts, with the most common being GNU General Public License violations. The report noted that this could be because the GPL is one of the most commonly used open-source licenses and one of the most likely to conflict due to its terms of use.

It also found that 38 percent of the components found in enterprise codebases were not licensed, and 32 percent had custom licenses created by the components’ developers that could conflict with the licenses of other components.

In the audit’s conclusion, Synopsys wrote: “Open source offers a plethora of benefits to organizations that use it—but only if they track what open source components they’re using and identify any related security and legal compliance issues.”


The post Open-source software use grows but risks remain, study finds appeared first on SD Times.

via Click on the link for the full article

SD Times news digest: CockroachDB 19.1 is available, JNBridgePro 10 brings Java to .NET Core, Tidelift enhances managed open source platform

Cockroach Labs added enterprise-grade features to the newly released 19.1 version of CockroachDB, a cloud-native, geo-distributed SQL database.

The new version tackles legacy database struggles with transitioning high-value workloads to a globally distributed environment in the cloud.

The features include Change Data Capture (CDC) integration with Kafka for analyzing and visualizing data changes, deeper conformance with corporate security policy via LDAP and cost-based optimization of SQL transaction performance.

“Today we are most proud to enable our users to scale their businesses without scaling their complexity in the process by eliminating many challenges presented by global growth and development,” said Spencer Kimball, the co-founder and CEO of Cockroach Labs.

JNBridgePro 10 brings Java to .NET Core
The newly released version 10 of JNBridgePro, an interoperability tool that connects Java to .NET frameworks, is compatible with .NET Core.

“.NET Core 3.0 is now a mature platform with sufficient features to support JNBridgePro. With JNBridgePro 10, we deliver a solution that helps developers on the front lines of innovation continue to be productive without worrying about cross-platform interoperability,”  said Wayne Citrin, the CTO of JNBridge.

JNBridgePro 10 also supports Visual Studio 2019, which was released on April 2.

According to the company, JNBridgePro is architecture-agnostic so It easily scales from in-process to cross-network, on-premises or in the cloud.

Tidelift enhances managed open source platform
Tidelift announced that over 4,000 open source projects are open to income opportunities for maintainers partnered with with the company.

In addition, the subscription now gets open source dependency analysis with identification and resolution of security, licensing and maintenance issues in direct partnership with open source maintainers.

“We’re partnering with creators and maintainers of a vast array of community-led open source projects to introduce the concept of managed open source, where organizations can save time and reduce risk by paying Tidelift‘s participating maintainers to ensure their packages meet uniform and comprehensive commercial standards,” said Donald Fischer, CEO and co-founder of Tidelift.

Over 4,000 open-source projects across the JavaScript, Python, PHP, Ruby, Java, and .NET ecosystems are eligible for immediate income.

The post SD Times news digest: CockroachDB 19.1 is available, JNBridgePro 10 brings Java to .NET Core, Tidelift enhances managed open source platform appeared first on SD Times.

via Click on the link for the full article

Instagram will now let creators and influencers sell items directly

The monetization hose is on full blast at Instagram now, and today at F-8 Facebook unveiled one of the latest developments on that front. The company said that creators will now be able to tag items to sell them directly to people viewing their posts and Stories.

For now, this will work only on items that are tagged from businesses that are part of the new checkout beta program Instagram is running in the US.

It’s also part of a bigger transactional swing that we’re seeing at Instagram that extends beyond just catering to consumerism and influencers speaking to Instragram’s billion-plus users.

Today Instagram also confirmed that it would be adding donation stickers in Stories — something we reported it was working on several months ago.

The tags that creators and influencers can now add is a significant development on product tagging, which up to now had been reserved just for businesses and brands, not open to individuals.

But the purpose for now doesn’t seem to be to help creators make commissions on those sales. Facebook tells us that “at this time,” creators will not make a cut on any purchases made as a result of anyone clicking on links in their posts (meaning: it may come down the line).

Rather, the point is to cut down on some of the repeat questions that creators get about what they are wearing, and where to buy it. “People are already shopping from creators by asking product questions in comments and Direct,” a spokesperson said. “With the ability to tag products, creators can provide the information their followers are looking for and get back to expressing themselves and sharing what’s on their mind, which will make their followers happy too.”

But they are not getting diddly, either. The spokesperson notes that creators will also receive additional insights with shopping posts, such as engagements and shopping insights. For those who are making a living out of their influencer status, these could help them leverage better deals with those brands longer term.

Instagram will start testing first with a small group of creators over the next few weeks including on the accounts of Gigi Hadid, Kim Kardashian West, Kris Jenner, Kylie Jenner and Leesa Angelique (who runs @saythelees). 

“It’s my job to share beauty secrets and tips,” she said about the new feature. “I’m usually writing long, detailed captions about the latest products I’ve been using. Having this tool just makes it that much easier to let everyone know what I’m wearing and from where – down to the shade.”


via Click on the link for the full article