Tech Brew Ride Home - Fri. 10/04 - BAD Android Zero-Day Out There...
Episode Date: October 4, 2019Really bad Android zero-day discovered, is the scooter space back? Apple makes an interesting acquisition, an exoskeleton allows a paralyzed man to walk again and of course, the weekend longreads sugg...estions. Sponsors: PixelUnion.net Election Ride Home podcast Links: Attackers exploit 0-day vulnerability that gives full control of Android phones (ArsTechnica) Bird raises $275 million Series D round at a $2.5 billion valuation (TechCrunch) Apple May Have Acquired Motion Capture Company IKinema [Update: Confirmed] (MacRumors) Apple’s AR plans may come to life after acquiring iKinema motion tech (VentureBeat) A brain-controlled exoskeleton has let a paralyzed man walk in the lab (MIT Technology Review) Weekend Longreads Suggestions: The Off-the-Radar Baseball League That’s Trying to Reboot the Game (GEN) Inside Disney’s New York Stream Factory (Variety) My Time at Snap (@marko_tupper) Dog-walking startup Wag raised $300 million to unleash growth. Then things got messy (CNN Business) Where Toxic Masculinity Goes to Die (The Atlantic) The Fallen Worlds of Philip Pullman (The New Yorker) Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
On April 4th, 2023, around 2 in the morning, a man was found stabbed multiple times on a sidewalk in downtown San Francisco.
Hey, who did this to you?
What happened next turned the story into a political firestorm.
Reports have identified the victim as Bob Lee, the founder of Cash App.
From Bloomberg Podcasts, this is Foundering, the Killing of Bob Lee, beginning April 16.
Welcome to the TechMeme ride home for Friday, October 4th, 2019.
I'm Brian McCullough. Today, really bad Android Zero Day discovered.
Is the Scooter Space back?
Apple makes an interesting acquisition.
An exoskeleton allows a paralyzed man to walk again.
And of course, the weekend long read suggestions.
Here's what you miss today in the world of tech.
A member of Google's own Project Zero Research Group reported late last night that there is an
Android zero-day vulnerability out in the wild that can affect around 18 different models of Android hardware,
including four pixel models. This exploit can give hackers complete control of the phone,
quoting Ars Technica. There's evidence of the vulnerability is being actively exploited,
either by exploit developer NSO group or one of its customers, Project Zero member Maddie Stone,
said in a post. NSO representatives, meanwhile, said the, quote,
exploit has nothing to do with NSO, end quote.
The exploits require little or no customization to fully root vulnerable phones.
The vulnerability can be exploited in two ways.
First, when a target installs an untrusted app or two for online attacks by combining
the exploit with a second exploit targeting a vulnerability in code, the Chrome browser
uses to render content.
The bug is a local privilege escalation vulnerability that allows for a full compromise of a
vulnerable device, Stone wrote.
If the exploit is delivered via the web, it only needs to be paired with a render exploit as this vulnerability is accessible through the sandbox, end quote.
The vulnerability will be patched in the upcoming October Android update, apparently, which is coming in the next few days, maybe sooner because of this.
But until then, the situation is being rated as high severity.
Who is NSO, the group that Google is suggesting as being behind the exploit?
Well, we've actually spoken about them before, quoting ours again.
Israeli-based NSO gained widespread attention with the discoveries in 2016 and 2017 of an advanced piece of mobile spyware it developed called Pegasus.
It jailbreaks or routes both iOS and Android phones, so it can troll through private messages, activate the microphone and camera, and collect all kinds of other sensitive information.
Researchers from the University of Toronto-based Citizen Lab determined that the iOS version of Pegasus targeted a political dissident located in.
in the United Arab Emirates.
Earlier this year, Citizen Lab uncovered proof that NSO developed an advanced exploit against
the WhatsApp messenger that also installed spyware on vulnerable phones without requiring end-users
to take any action.
And undercover Sting targeting Citizen Lab researchers also had a major focus on NSO, end quote.
When last we checked in on the scooter space, things had taken a bit of a pause, mainly because
the unit economics were off.
Until better, more durable scooters arrived on the scene, the business model of shared micromobility was not going to work out so well.
Well, Byrd has announced that it has raised a $275 million Series D led by CDPQ and Sequoia Capital at what sources are saying is a $2.5 billion pre-money valuation.
Why are the investment taps being turned back on?
You guessed it.
Folks are beginning to think that the unit economics problem might have been licked, quoting TechCrunch.
Nearly a year ago, we recognized that the world was changing Bird's CEO and founder Travis
Van der Zanden said in a statement ahead of disrupt. Gone are the days when top line growth was
the leading KPI for emerging companies. Positive unit economics is the new goal line.
As a result, we pivoted from growth to unit economics as the top priority for the company.
Now, with the best unit economics in the industry, new bird investors such as CDPQ see that we
are paving the road for a long-term, sustainable and healthy business, end quote.
Sequoia Capital previously led Byrd's $300 million Series C round back in June with Roliffe Bota,
joining Byrd's board at the time.
Bird plans to use the funding to continue research and development for its variety of vehicles.
The team at Bird exemplifies grit and has embraced a laser focus on key drivers of unit economics in a complex business,
Sequoia Capital partner and Bird board member Botha said in a statement,
the degree to which they were devoted to and accomplished strong contribution margins in a compressed
timeline is rare for a company so early on in its development. We are thrilled to strengthen
our commitment to Byrd and look forward to seeing continued progress on their path to profitability,
end quote. In July, Bird CEO Travis Van der Zandin said Bird had positive unit economics on its new
bird zero scooters, which accounts for more than 75% of its fleet, end quote.
Apple has confirmed that it has acquired Aikinima, a UK-based startup that develops motion
capture animation technology used in games and VR.
Quoting from Mac Rumors, the ICINEMA website is no longer functional, with the exception of a few
technical documents, and the company's Twitter and Facebook accounts stopped being updated on
August 19th.
Mac Rumors reader Peter, who is in the industry, told Mac Rumors that IKinema customers
have been left in the dark for weeks and that the acquisition was confirmed in a private
Facebook motion capture group this morning.
It's not clear what Apple will do with IKinema's technology, but Apple has delved into games with Apple Arcade.
though the company does not develop its own game technology at this time.
Apple is also rumored to be working on various virtual and augmented reality projects,
which could potentially benefit from iKinema's software,
as could animoji and Memoji,
which animate based on facial expressions using the true depth camera system, end quote.
For its part, Apple merely issued its usual statement about acquiring smaller companies from time to time,
and no word from iKinema itself.
Quoting Venture Beat on what iKinema actually does.
Until last month, UK-based iKinema was focused,
on providing 3D motion animation tools to movie and game developers,
enabling virtual characters to exhibit highly believable body movements.
The company's flagship runtime software enables easy but realistic kinematic simulations of the entire human body,
including locomotion and other procedural animations,
openly winning deals with Google, Microsoft, and numerous game studios, end quote.
A brain-controlled mechanical exoskeleton has allowed a paralyzed man to walk again,
at least in a laboratory setting, quoting the MIT Technology Review.
Within the safety of a lab setting, the man was also able to control the suit's arms and hands
using two sensors on his brain.
The patient was a man from Leon named Thibault, who fell 40 feet from a balcony
four years ago, leaving him paralyzed from the shoulders down.
How it worked.
Tebow had surgery to place two implants, each containing 64 electrodes on the parts of the brain
that control movement.
software then translated the brainwaves read by those implants into instructions for movement.
The development of the exoskeleton by Clinatech and the University of Grenoble is described in a paper in The Lancet this week, end quote.
It was not, though, as simple as just putting the mechanical suit on and flipping a switch.
The man apparently had to train for months to be able to use the sensors effectively,
training by using them to manipulate an avatar in video game settings.
Obviously, any real-world applications of this would still be years away, but pretty cool and pretty hopeful nonetheless.
The Election Ride Home is a daily podcast devoted just to the 2020 elections.
Every day at 5 p.m. journalist and this American life contributor Chris Higgins brings you the latest news from the campaign trail.
Who's up, who's down, what issues are getting traction, and what do the polls say?
Someone is going to challenge Donald Trump for the White House.
and every day in 15 jam-packed minutes, the election ride home helps track who that person might end up being.
Search your podcast app and subscribe to the election ride home podcast.
Time for the weekend long-rate suggestions in honor of baseball postseason.
I think I did a segment recently about testing things like robot umpires.
Well, I actually think that this is the league that I told you that this was being tested in,
the Atlantic League. And from Gen by Medium, the first piece I want to suggest this weekend takes a look at
that league, which is not only injecting technology into baseball, but also tweaking the rules
to maybe help modernize it. Quote, the idea is to use the Atlantic League as a science lab,
a place to mess around with the sport at a cellular level without jeopardizing any meaningful
games or meaningful talent. It's not a step that MLB has taken lightly, but like so many aging
institutions the modern age has forced a reckoning. We carry limitless distractions in our pockets
nowadays, and baseball wasn't built to compete with that kind of temptation. It's a game of
anti-climaxes, and it's coming up against a generation of kids conditioned from birth that they can
always skip to the good parts. The only solution is to manufacture more good parts. Each of the new
rules is trained at a tiny crack that MLB has identified in the current state of the game,
and the question is no longer whether to patch them up, but how and when. Things like the
sludgy pace of play, the strikeout boom, the increasing over-reliance on home runs.
Whatever the perceived problem, the desired solution is always the same.
More action, more runs, more athleticism, more stuff.
An end to the epidemic of pitching changes, which put games into a sleeper hold, the moment things start to get spicy.
When the experimental rules operate together in concert, they function like an injection of human growth hormone into baseball's but their performance enhancing rules, end quote.
And here is an angle of the streaming wars that we haven't taken a look at.
Let's say you want to dial up a streaming competitor to Netflix.
Well, it's not like you would flip a switch, as I said in an earlier story.
Variety looks at the technical challenges of creating a modern streaming platform,
and they do so through the lens of Disney.
Turns out that the technical nowce behind Disney's Disney Plus efforts are based right here in New York City.
being able to operate at scale is very different from being able to operate in sort of single-digit million subscribers.
It's night and day, Michael Paul, president of Disney streaming services, says.
That operational know-how and the group's Chelsea Market home base came to Disney through its deal to acquire the majority control of Major League Baseball's Bamtech for $2.5 billion.
It's a business that has been pumping video online since 2002 and has an unmatched track record, says, streaming analysts and consultants.
Dan Rayburn, who calls DSS the special forces of the streaming industry.
Quote, Disney streaming services has more expertise and more resources than anybody else in the
industry, he says. They are just snapping up so many good people in the industry, end
quote. Next, I'd like to collect little essays like these. Here's my insider account of
working at Company X. I'd like to collect them because even if you do have to take them with a
grain of salt, i.e. understanding that this is just one person's experience and that they might
have an axe to grind. It's still a very good way of taking the cultural temperature of various
companies. And they can be especially useful for younger folks trying to break into tech today,
i.e., this is what it's like to work at a tech company. A soon anonymous former SNAP employee
going by the name Marco Tupper has a piece up on medium giving the blow by blow of his time at SNAP.
So caveat caveat, but, quote, I emailed the recruiter back, set up on sites, and went through
with a full round of interviews. I ended up getting an offer with an absolutely jaw-dropping
equity component. It was almost twice as much as what Google was offering. An amount that if the
stock managed to maintain its price at the time would have been life-changing. If the stock turned
around and climbed significantly, I'd be looking at more money than I'd ever imagined making.
So I decided to make this the one big gamble of my career.
I'd never been one for startups and when else would I get a chance to vest this kind of an equity grant at a publicly traded company.
The stock vested on a 10, 20, 30, 40, 40 schedule.
You get 10% of it after your first year, then 20% the second and so on.
So I figured, however unpleasant the environment might be, I could stick it out for four years to vest my stock before moving on to something less stressful.
TLDR, I knew what I was getting myself into.
There were red flags, but I chose to ignore them for the sake of a huge equity offer, end quote.
A lot of the undercurrent of the WeWork saga is the seeming turmoil that WeWork has either caused and or is symptomatic of the larger issues at SoftBanks Vision Fund.
There are plenty of rumors flying around about other SoftBank portfolio companies at the moment, especially Compass and Wag.
And in fact, CNN has a deep dive look into the troubles at Wag, which calling to question the whole premise of Mastasan's investing strategy.
Quote, after the soft bank deal, which rocketed Wags valuation to north of $600 million, according to Prime Unicorn Index, which tracks valuations of privately held companies.
Wag was gaining market share over Rover.
It held nearly 23% market share in the first quarter of 2018.
However, it now holds about 16% of the market compared to Rover, data from second measure.
shows. Wag's struggles since raising hundreds of millions of dollars casts doubt on soft bank's ability
to declare winners in the market with its checkbook alone. It also highlights the challenges of
trying to scale an Uber-style business that impacts not just real customers, but their beloved
pets, end quote. And what would you think is allegedly the nicest community site on the internet?
And if I told you that it's a community primarily composed of men, would you believe me?
Well, according to the Atlantic, check out Beard Board, where folks exchange tips, advice, and even actual emotional support about growing facial hair.
Quote, Beardboard was founded in July 2001. Ancient times for the modern Internet, but it buzzes with activity and is still gaining members.
The concept is straightforward. Members post pictures of what they're growing, and in the comments section, others offer encouragement, compliments, and advice.
What's often counseled is patience. Most beards take time to come in.
even as long as three months, and they go through lengthy phases when you're strongly tempted to give up.
To believe in your beard can feel insane, like believing in God or in yourself.
A community can help, end quote.
And finally, if you've never read Philip Pullman's His Dark Materials books,
you might want to do that quickly because an HBO adaptation starring James McAvoy, Ruth Wilson,
and Lynn Manuel Miranda is airing in November.
The New Yorker has an interview with Pullman himself.
revealing him to be the sort of crumudgeonly old Brit that you kind of knew he was and actually
really, really always wanted him to be, quote, I'm sorry that we as a literary culture seem to be
losing faith in the omniscient narrator. People say, oh, I need to know who's telling the story.
Otherwise, I don't know what to believe. I don't know whether to believe it at all.
And another thing we see more and more of is the bloody present tense. I hate books written
in the present tense. I refuse to read them. Actually,
know, I don't refuse to read them because there have been some very fine books written in the present tense.
And by design, I might have used the present tense. But I think it's kind of an abdication of narrative
responsibility because we know it's not happening now. And she's not coming down the stairs now.
And looking out the window now, it's already happened. It's been written about and printed.
This pretense that it's happening now is a silly thing which I can't abide.
And I use every opportunity to bore people to death by telling them about it.
End quote. That is all for this week, except for the weekend bonus episode that is coming at you tomorrow. As I teased earlier in the week, we're going to be talking to Waymo's Head of Hardware. Pretty interesting get for this little show, if I do say so myself. Talk to you on Monday.