Thursday, 30 January 2014
Yahoo Mail Accounts Hacked, Passwords Reset
What does national security have to do with the Lenovo-Motorola deal?
Clinkle Gets Hacked Before It Even Launches
Clinkle is the hottest app around to have done mostly nothing. The stealth payments service, which has raised $25 million from big-name investors, has yet to publicly launch. But that doesn’t mean it can’t be hacked.
Today, a guest user posted a list of 33 usernames, user IDs, profile photos, and phone numbers to PasteBin. Based on the data provided, it seems as though these users are Clinkle employees who are testing the app.
Founder Lucas Duplan is on the list (yep, that’s his Clinkle profile pic, shown above), as well as former Netflix CFO and Clinkle COO Barry McCarthy. Former PayPal exec Mike Liberatore, now Clinkle CFO, is also listed.
The data was seemingly accessed through a private API that Clinkle has in place. Referred to by the hacker as “typeahead”, the API appears to be the basis of an autocomplete tool, allowing users to type a single letter (like ‘A’) and find all usernames starting with that letter (like ‘Adam’ and ‘Andrew’). [Note: Twitter has a similar tool with the same name — it's unclear if they're one and the same.]
Clinkle seems to use this API in their own app (presumably so users can find friends when making a payment), which has allowed one hacker to search user names, leading to the associated user IDs and phone numbers.
Here’s what the hacker had to say:
Results from Clinkle typeahead API. It requires no authentication. The app stores writes results to disk automatically. This is much worse than Snapchat’s breach. Phone numbers masked as courtesy.
In other words, whoever broke into the app didn’t need a userID to access Clinkle’s list of testers or their personal information, which seems to be saved on a Clinkle server.
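An added example (not code from Clinkle or from the original article) contrasting a typeahead lookup that behaves as the post describes with one that requires a session, refuses single-letter prefixes and leaves phone numbers and user IDs out of the response. The user records, session token and function names are constructed for illustration.

```python
from dataclasses import dataclass, asdict


@dataclass(frozen=True)
class User:
    user_id: int
    username: str
    photo_url: str
    phone: str


# Constructed sample directory (placeholder names, URLs and numbers).
USERS = [
    User(1, "adam", "https://cdn.example.com/p/1.jpg", "+1-555-0100"),
    User(2, "andrew", "https://cdn.example.com/p/2.jpg", "+1-555-0101"),
    User(3, "beth", "https://cdn.example.com/p/3.jpg", "+1-555-0102"),
]
SESSIONS = {"tok-beth": 3}  # hypothetical session token -> user_id

MIN_PREFIX = 2   # a single letter must not enumerate the directory
MAX_RESULTS = 5  # cap how much one query can return


class Unauthorized(Exception):
    """Raised when the caller has no valid session."""


def typeahead_open(prefix):
    """Behaviour as reported: no authentication, full record per match."""
    p = prefix.lower()
    return [asdict(u) for u in USERS if u.username.startswith(p)]


def typeahead_closed(prefix, session_token):
    """Hardened variant: authenticated, bounded, minimal fields only."""
    if session_token not in SESSIONS:
        raise Unauthorized("typeahead requires an authenticated session")
    p = prefix.strip().lower()
    if len(p) < MIN_PREFIX:
        return []
    matches = [u for u in USERS if u.username.startswith(p)]
    # Only what an autocomplete list needs: no phone number, no internal ID.
    return [{"username": u.username, "photo_url": u.photo_url}
            for u in matches[:MAX_RESULTS]]
```

Per-client rate limiting would sit in front of `typeahead_closed` in a real service; it is left out here to keep the contrast on authentication and response fields.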
But to be fair, Clinkle’s breach isn’t quite the same as Snapchat’s, considering the information of 4.6 million Snapchat users was released, as opposed to that of a small group of employee testers.
Here’s Clinkle’s explanation for the breach:
You’re describing visibility that was purposefully built into the system as part of our preliminary user testing and was always intended to be turned off. As you can see from the list, we’ve been testing internally and registrations have been limited to Clinkle employees. We were using an open API, which has now been closed. That said, only names, phone numbers, photos, and Clinkle unique IDs were accessible.
Clinkle points to a Stanford student as the alleged hacker but that has yet to be confirmed.
Clinkle, rumored to launch later this year, currently has both an iOS app in iTunes and an Android app available in the Google Play store for those who wish to join the waiting list.
Based on the size of the app (52MB) and the unzipped files uncovered after downloading it, it seems like the full Clinkle app is out there, rather than a placeholder app built for wait list registrants.
Right now, the app has a waiting list wall, which “VIP” members can bypass once an administrator grants permission. This likely allows Clinkle to demo the app to investors and partners without having to go through some cumbersome download process.
During the process of fundraising, I’m sure that little trick came in handy. Not so much today, though.
The hack produced some interesting data about the team that works on Clinkle.
Founder Lucas Duplan is listed as the first user (User ID: 1), with a picture that very much resembles him holding cash money. The CFO, Barry McCarthy, is also listed with a legitimate profile photo, as is the Head Of Comms, who confirmed the validity of the images and the data.
The photos from Clinkle’s Team page, where 22 unidentified Clinkle employees are pictured alongside goofy pseudonyms, also seem to resemble people in the leaked profile photos. Finally, we can put faces to names.
So what are the implications?
Well, Clinkle hasn’t actually launched yet, so it’s very possible that the team hasn’t been focusing on security. However, security and trust should be top priorities for a payments company. Especially for a company so young.
Clinkle was founded by a group of more than a dozen Stanford students in 2011, and has stayed under the radar while key employees finish their degrees. The company was partially funded by Stanford professors before raising $25 million in a party round. Over 18 investors participated.
The WSJ, followed by every other news outlet, proclaimed this the biggest Stanford startup exodus in history. Clinkle was all the rage.
Seriously, Silicon Valley wouldn’t shut up about it.
In fall, however, two rounds of layoffs left many wondering if the Stanford-fueled payments startup was really the Messiah of trade. The company slashed around 30 employees, and then another 16.
Around the same time, screenshots and videos of the app in action were leaked, letting Clinkle’s cat out of the bag.
Rumors circulated that the company was going through leadership issues. That those promised equity weren’t getting it. That folks were overworked and underpaid. That there was no transparency about the product timeline, or the product itself. That 22-year-old Lucas Duplan was taking home a six-figure salary and mistreating employees.
Today, the same questions as before creep back into our consciousness.
What have they been doing with all that money this whole time? Posting profile photos that confirm our worst fears? Whether the breach was a result of intentional openness or unintentional laziness on the part of Clinkle is unclear, but the photo doesn’t lie.
via TechCrunch » Startups http://ift.tt/1bDRUk0
Barry Sternlicht, Former CEO Of Hotel Giant Starwood, Invests In HotelTonight
Last-minute hotel booking startup HotelTonight just announced that it has landed a personal investment from Barry Sternlicht, founder of Starwood Capital Group and former chairman and CEO of Starwood Hotels & Resorts Worldwide.
Sternlicht, who has been described as the “king of hotels”, is also joining HotelTonight as a strategic advisor.
“He knows everybody in the hotel industry,” HotelTonight CEO Sam Shank told me, later adding, “When we launched, there was a lot of doubt that we were beneficial to the industry. … Getting the top guy in hotels to back us and to support us, that’s validation that we’re becoming grown up.”
According to Shank, Sternlicht should be able to help HotelTonight improve its hotel experience and also reach broader deals with large chains, which is particularly important for coverage outside of major cities. Shank declined to specify the size of Sternlicht’s investment, except that it was “a significant dollar amount.”
“Booking windows are shrinking and customers are going mobile, trends which position HotelTonight perfectly for the future,” Sternlicht said in the release. “But there’s something more that attracted me – it’s that HotelTonight is proving booking by booking that both hotels and distributors can win.”
HotelTonight says it has been downloaded more than 9 million times and now works with 10,000 hotels in 250 destinations. The company raised a $45 million funding round last summer.
via TechCrunch » Startups http://ift.tt/1ffZJ1N
Yahoo Mail accounts breached through third-party database hacking
Microsoft will reportedly name enterprise chief Satya Nadella as CEO
The Door to Hell Is in Turkmenistan
In 1971 Russian scientists were prospecting for oil in the Karakum Desert, in Turkmenistan, when the ground collapsed beneath the drilling rig they were using to study a cavern full of natural gas.
This formed a crater more than 70 meters in diameter and about twenty deep, and to keep the gas leak from endangering nearby towns, at the time it seemed a good idea to set it on fire to make sure it burned off in situ.
Except that the crater in question, which the locals have ended up naming “the door to hell”, has been burning ever since and nobody dares predict when it will stop. It has, though, become quite a tourist attraction despite the foul smell of sulfur that surrounds it.
And it turns out that the Karakum Desert holds one of the largest natural gas reserves in the world.
In Fiery 230ft crater nicknamed the 'Door to Hell' baffles scientists after burning endlessly for 40 YEARS there are a few photos of the crater that give a good idea of its size.
(I found a reference to this in a tweet from @IFLScience).
via Microsiervos http://ift.tt/1baHP1d
Amazon's Q4 profit more than doubles year-over-year to hit $239 million
Google finishes up 2013 on a high note, Motorola on a low one (financially speaking)
Leaked Photos Reveal New Samsung Lifelogging App
And That, Kids, Is How You Assemble an International Space Station
Step by step, slowly (more slowly than would have been desirable), and with care, one assembles an International Space Station, even though the first module was launched into space in 1998 and there are still a few more modules to go up.
This video shows the Station's assembly sequence, with the corresponding dates; it is especially interesting to see how some modules were initially installed in one position and later ended up in another, once other modules needed to place them in their final location had been put into orbit.
It ends with the installation of the Nauka module and the European robotic arm, which in reality have not yet been launched and probably will not be until at least 2015.
Here is the list of modules in case you want to see what each one is for, and here is a chart of the breakdown of modules by country.
In 2013 the project's members celebrated the fifteenth anniversary of the launch of its first module, and although the plans originally called for keeping it in service until 2020, there is now talk of keeping it going until at least 2024.
(Via @Cmdr_Hadfield).
via Microsiervos http://ift.tt/1ffK5Dt
What Lenovo's Motorola deal could mean for American manufacturing
Alibaba Payment Option for Mobile Cab Rides
Equidate Launches A Secondary Market For Early Startup Employees To Sell Shares
It was once a rare practice, but employees are now finding more ways to unload vested shares in their startups along the way.
While employers have typically tried to control these sales, a new marketplace called Equidate is opening up that will let employees sell equity with or without the startup’s consent (although Equidate would prefer to collaborate with employers).
Over the past decade, many companies like Facebook have elected to wait longer before going public. That meant that longtime employees wound up with their wealth mostly tied up in the stock of their companies with few options to diversify their holdings. At the same time, certain investors wanted access to a growing pool of pre-IPO tech companies.
So companies like New York-based SecondMarket cropped up. They have helped facilitate employee share sales for privately-held companies like SurveyMonkey, which raised about $800 million in January of last year.
Equidate’s critique of SecondMarket’s model is that if you are an employee that wants to sell shares, you have to do it through your company.
“It’s difficult if you want to sell shares as an individual,” said co-founder Sohail Prasad, who was previously a product manager at Zynga and an early employee at Chartboost. (But these restrictions also exist because as secondary sales have become more popular, companies have also wanted control. They want to manage the flow of private information of their financial performance and they want to know who their shareholders are.)
So what Equidate has done is that they’ve created contracts tied to the value of an employee’s shares, which have to be vested and owned by them. (Employees can’t participate if they just have options or if they have restricted stock units.)
“It’s similar to a collateralized loan. No shares are trading hands,” Prasad said. Prasad said that an Equidate contract allows an investor to buy rights to the economic upside of a share, while avoiding the legal hoops a company has to go through when it’s adding extra shareholders to its cap table.
Gil Silberman, Equidate’s other co-founder, created the contracts after working as a lawyer with companies like LinkedIn, Craigslist and OpenTable.
They’re launching with four companies on the market including Dropbox, BitTorrent, Chartboost and Buzzfeed. They would like to bring more Series B stage companies or so onto the platform, which means they’d sit in between early-stage solutions like Funders Club and then big late-stage rounds.
For now, Equidate will only allow accredited investors, who either have a net worth of more than $1 million or make at least $200,000 a year, to participate.
The four-person company hasn’t shared any details on how much it has raised to date or who its investors are.
via TechCrunch » Startups http://ift.tt/1hT7Lzs
New Trailer for the Updated Version of Cosmos with Neil deGrasse Tyson
Expectations are enormous, and the memory of the original Cosmos is very powerful, so the fall could be spectacular, but on March 9 we will begin to find out whether the Cosmos update is worth it.
Cosmos: a spacetime odyssey will have 13 episodes presented by Neil deGrasse Tyson; Ann Druyan, Sagan's widow, has been part of the creative team.
(@BrannonBraga via @BadAstronomer).
via Microsiervos http://ift.tt/1iequ9j
Here's a peek at the new Cosmos series, hosted by Neil deGrasse Tyson
Foursquare Now Lets You Order In Directly From U.S. Restaurants
New Microsoft app brings recipes and grocery lists to your Windows Phone
Forget check-ins: Foursquare now lets you order in from local restaurants
This Is the World's Top-Earning App
Waterloo Labs uses paintball guns to make automated works of art
Everything You Need to Know About 4K Video in Less Than 2 Minutes
Flink Is An Addictive Mobile Fashion Experience To Discover New Looks
Meet Flink, a brand new mobile app that will become the perfect time waster for fashion enthusiasts. It’s a well-designed app to browse new looks on your favorite fashion blogs in a native app. The overall experience is very addictive.
When you first open the app, you can instantly follow a selection of some well-known fashion blogs. After that, it works a lot like Frontback and Mindie. You are immersed in the picture. It fills up the entire screen.
With one swipe, you get to see another look, and another, and another. Maybe you really like what this woman is wearing. So you can swipe right to see other pictures. With one tap, you can see where this dress or this handbag comes from.
But unlike Frontback or Mindie, it isn’t a social app — it’s a content app. Flink has made a beautiful fashion blog reader for mobile, a sort of Flipboard for fashion.
You can like and share a look, but what’s interesting is how you can get lost in the app. Every now and then, a button appears saying “3 new looks available”. You just have to tap it and you will get brand new professional pictures.
And of course, you can spend countless hours looking for new fashion bloggers and tweaking your list of bloggers to what you really want. When you like a look, it is saved in a separate tab, so you can always go back and find it later.
Comments are public and Flink could end up creating a community of passionate fashion curators.
What about copyright? Flink has reached out to dozens of popular fashion bloggers, and they were eager to see their content in the app, except a couple of people. Flink bets on fair use to show the pictures. With each post, there is a link to the actual blog post — it works a lot like an RSS reader or a read later service in the end. If a blogger complains, the team promises to remove its content from the app. This strategy worked well for Pinterest, and there is no reason that it won’t work again.
via TechCrunch » Startups http://ift.tt/1ie5gIO
Sony Xperia Z1 Compact review: a good thing in a small(ish) package
Korea remembers to fine Google for unauthorized data-gathering in 2010
Google Street View Says Japan Is Top Virtual Tourism Spot in Asia
The Best Special Effects Since 1977, According to the Oscars
Nelson Carvajal has kept himself busy compiling some scenes from all the films that have received an Oscar over the past 35 years, starting with Star Wars. The result is an endearing collection of good memories and, why not, a list for revisiting those era-defining films.
The accompanying music is Time, by Hans Zimmer, from the also award-winning Inception (Christopher Nolan, 2010).
via Microsiervos http://ift.tt/1n0P2TD