Connect with us

Technology

Sukhinder Singh Cassidy’s CEO journey – TechCrunch

Published

on


After listening to others pitch me a few different job opportunities while still at Google in 2008, it became clear to me that I would make a better decision if I could fully explore the larger landscape of new companies emerging in Silicon Valley.

I had spent the last several years focusing on Google’s business outside the U.S., and I honestly felt out of touch with the startup world. Beyond my goal of becoming a CEO of my own company, I had two other ambitions: I wanted to help build a great consumer service that would delight people (potentially in e-commerce) and I wanted to build further wealth for myself and my family.

To better evaluate my options, I made the decision to quit Google first and find a way to study the wider ecosystem of companies before choosing where to go. Resolved to give myself a “blank slate” before making a final choice, I left Google when I was three months pregnant and joined Accel Partners, a top Silicon Valley venture capital firm and an investor in my previous startup, in a temporary role as CEO-in-residence.

In the months that followed, I helped Accel evaluate investment opportunities across a wide variety of digital sectors, with a particular focus on e-commerce, taking the opportunity to study those companies I might join or think of starting from scratch.


On Thursday, August 19 at 2 p.m. PDT/5 p.m. EDT/9 p.m. UTC

Managing Editor Danny Crichton will interview Sukhinder Singh Cassidy, author of “Choose Possibility,” on Twitter Spaces.


One of Accel’s key partners, Theresia Gouw, helped me brainstorm, joining my cadre of professional priests. We had known one another for over a decade (I originally met her as a young founder at Yodlee) and were at similar stages of our careers, so I knew she could identify personally with my career quandaries. Like me, Theresia was pregnant with her next child and at a similar life stage — yet another commonality.

Image Credits: Sukhinder Singh Cassidy

While at Accel, I spent a disproportionate amount of time testing my macro thesis that online shopping was about to explode in new ways. I had seen the rise of e-tailers at Google (many of these companies, such as eBay and Amazon, were Google’s largest advertisers at the time), but many of the leading e-commerce sites like Amazon and Zappos still had a utilitarian feel to them.

Meanwhile, new fashion and décor e-commerce sites such as Rent the Runway, Gilt, Houzz, Wayfair and One Kings Lane were popping up everywhere and growing rapidly. These sites sought to tap into a more aspirational and entertainment-oriented kind of shopping experience and move it online.

Expert investors like Accel and others were funding them, and my own observations suggested that this area would yield another big wave of online consumer growth. These lifestyle categories of shopping also appealed to me personally; I was the target customer for many of them.

I started to work on an idea for a new e-commerce service, a luxury version of eBay, while listening to the pitches of every e-commerce company that was looking for funding and talking to several that needed early-stage CEOs. I continued to listen to non-e-commerce pitches as well, simply to give myself a point of reference for evaluating online shopping opportunities.

At Yodlee and Google, I had been lucky enough to work with incredibly smart and talented people who shared my values, and I wanted to do the same at my next venture.

I wanted to work with great investors, too, and fortunately I had the ability either to work with Accel-funded companies, start my own or leverage other investor relationships I’d developed. I spent time with multiple company founders to try to discern who they were as leaders, in addition to what they were working on.

By this point in my career, I had a pretty clear idea of my own superpowers and values, so I looked to find companies that could make the most of my unique gifts and whose founders or senior leaders had strengths complementary to mine.

Specifically, I hoped to join a company with a very strong engineering and product management culture that needed a CEO with strategy, vision, business development, fundraising and team-building expertise. Applying these criteria, I turned down several opportunities at companies whose founders had skill sets too similar to mine, reasoning that this overlap might lead to conflict if I ever became CEO.

Finally, I used my time at Accel to think long and hard about the risks I would take in becoming a startup CEO and whether I could afford to fail. My biggest risk by far was ego- and reputation-related. Mindful of how precarious early-stage startups are, I feared that I would leave a successful role as a global executive only to suffer a very large and visible failure. But the more I thought about this, I faced this ego risk head-on and concluded that my reputation as an executive from Google would hopefully be strong enough to survive one failure if it came to that.

The personal risks of taking on a startup CEO role felt different but not greater than those associated with my job at Google. While I knew that serving as a first-time CEO while having another newborn at home (my son Kieran) would be immensely stressful, I would likely benefit from no longer traveling around the world for days and weeks on end and working across multiple time zones, as I had previously.

Last, I evaluated the financial risks of potential moves. Although my startup equity would have uncertain value for a long time, I judged this a risk worth taking, given how excited I’d feel to have more impact and responsibility as CEO. While I lost a large financial package in choosing to leave Google and switching to a startup salary, I could pay the bills at home while digging into my savings only slightly. Under these conditions, I was prepared to make the leap.

In early 2010, almost a year after I left Google, I finally found the right opportunity and decided to join fashion technology startup Polyvore as its full-time CEO. A precursor to Pinterest, Polyvore was based on the idea that women could “clip” online images to create fashion and décor idea boards digitally that were instantly “shoppable.”

Millions of young women (including influencers) were already using the service and loved it. The founding team was led by a rock star engineer, Pasha Sadri, along with three other product and technology folks he recruited from the likes of Yahoo and Google.

Pasha was known for his intelligence, and we had connected informally over the years for coffee, each time having great discussions about business strategy. In fact, Polyvore twice before had tried to recruit me to become its CEO, once when I was at Google and again when I departed that company in 2008. Back then, I’d spent a productive afternoon with the founding team, helping them think through their business model. I also knew Peter Fenton, one of Silicon Valley’s most successful investors and a leading funder of the company. Peter was the one who first introduced me to Polyvore and who continued afterward to passively court me.

Having spent so much time exploring my options from multiple angles, I was now poised to make a great decision. I felt convinced that e-commerce was starting its next wave of growth, and felt excited to be part of it.

Within that vision, Polyvore was among the companies best positioned to succeed, and I knew I could contribute in significant ways to building a service that would delight millions. I was impressed with the strengths of Polyvore’s founder and investors and anticipated that I would be able to complement their efforts nicely. Recognizing that my success as a startup CEO hinged on my relationships with the founder and board, I had also invested time to get to know them.

Meanwhile, I had faced my fear demons, taking financial risk but negotiating my offer aggressively to account for downside scenarios I imagined, and coming to grips with my ego risk. With all this work in place, I finally jumped.

After managing a multibillion-dollar profit and loss and leading a 2,000-person team at Google, I became the newly minted CEO of a 10-person fashion startup in February 2010.

As we tee up the bigger choices in our careers, we all face critical moments of decision. No choice we make will be perfect, and all the frameworks in the world won’t eliminate risk entirely. But we don’t need perfection or freedom from risk. We just need to take the next step.

By choosing thoughtfully, using all the tools at our disposal to maximize our upside and anticipate our downside, we can grasp the opportunities available to us while equipping ourselves to handle whatever challenges reality throws our way.

Excerpted from “Choose Possibility: Take Risks and Thrive (Even When You Fail)’ by Sukhinder Singh Cassidy. Copyright © 2021 by Sukhinder Singh Cassidy. Published and reprinted by permission of Mariner Books/Houghton Mifflin Harcourt. All rights reserved.



Source

Advertisement

SUPPORT THE TIMES CLOCK




Technology

New York follows California mandating zero-emissions vehicles by 2035 • TechCrunch

Published

on


All new passenger cars, pickup trucks and SUVs sold in New York state must be zero emissions by 2035, Governor Kathy Hochul announced Thursday.

“By revving up our clean transportation transition and making major investments to make EVs more accessible, we’re supercharging our fight against climate change,” Hochul tweeted.

To reach the 2035 goal, Hochul said 35% of new cars will need to be zero-emission by 2026 and 68% by 2030. New school buses have until 2027 to meet these standards, with the entire fleets required to be zero-emissions by 2035, according to Hochul.

The new legislation, which will require new cars to be either electric or hydrogen, comes a month after California’s Air Resources board voted to also phase out the sale of new gas-powered cars in the state. New York is the second state to make such a mandate, and signals that others will soon follow.

“We had to wait for California to take a step because there’s some federal requirements that California had to go first — that’s the only time we’re letting them go first,” the governor said in a press conference Thursday, according to The Hill.

Per the 1970 Clean Air Act, California was authorized by Congress to set its own emissions standards for vehicles. Other states are allowed to adopt California’s policies, but they can’t implement their own standards. As a result, California has to lead the way for any state-led enforcements of stricter emissions rules.

The governor also announced Thursday a $10 million investment in the state’s Drive Clean Rebate Program. The program offers New Yorkers a rebate of up to $2,000 for the purchase of over 60 electric car models that, coupled with a federal tax rebate of $7,500, could make the switch to electric significantly more affordable. The state has already issued almost 80,000 rebates and spent more than $92 million on the program, the governor said.

“Adopting this program sends a loud and clear message to carmakers that New Yorkers want electric vehicles,” said Leah Meredith, principal at Advanced Energy Economy, a trade association. “With electric vehicles in high demand but currently in short supply, carmakers are prioritizing the states that speak up, and the Governor’s announcement helps ensure that New Yorkers will have the full range of electric vehicle models to choose from. And by increasing the number of new electric vehicles in New York, this program will also quicken the development of a robust market for used electric vehicles.”

Last week, the New York Power Authority announced its 100th high-speed charger installation in the EVolve NY statewide EV charging network. These charging stations can be found along major travel corridors, like from Buffalo to Albany or from the Adirondacks to Long Island. EVolve NY has committed up to $250 million through 2025 to expand its network of chargers.

New York State will also get $175 million from the infrastructure bill’s $5 billion total allocation for EV charging networks across the country, according to Hochul. The governor said the expansion of widely available charging infrastructure will help increase the sale of EVs in the state.



Source

Continue Reading

Technology

‘Virtual ward’ startup Doccla gets Series A injection as it eyes AI tools • TechCrunch

Published

on


Doccla, a Sweden founded but London-headquartered health tech startup that sells a remote patient monitoring platform to hospitals to run so-called ‘virtual wards’, has closed a £15 million (~$17M) Series A funding round a year after raising a $3.3M seed.

The Series A is led by US VC General Catalyst, with participation from funds managed by healthcare investors KHP Ventures (a collaboration between King’s College London, King’s College Hospital NHS Foundation Trust, and Guy’s and St Thomas’ NHS Foundation Trust). Existing investors Giant Ventures, who led the seed round, and Speedinvest also backed the Series A — which sees Chris Bischoff, MD at General Catalyst, joining the board.

General Catalyst is an investor in US remote care health tech unicorn Cadence which also sells a remote monitoring service, so could be seen as a potential competitor to Doccla. Although the (currently) different target markets (US vs Europe) and specific product presentation — we understand Cadence is focused on populations with chronic disease, while Doccla talks in terms of building virtual wards/’Hospital at Home’ — are, evidently, distinct enough to convince the VC firm there’s value in backing both for growth.

Doccla’s growth trajectory must certainly have helped: The 2019-founded startup only launched its remote patient monitoring service during the pandemic but says it’s now present in a fifth (20%) of all Integrated Care Systems (ICS) in the UK, with patient intake from 20+ hospitals. In total it says it’s monitored 50,000+ patients to date. (NB: ICS are a feature of the UK’s National Health Service (NHS) in England — essentially partnerships between relevant organizations and local authorities with the goal of joining up the planning and delivery of health services across their region.)

The startup’s platform allows clinical staff from hospitals to monitor the vital signs of those under treatment remotely (either continuously or intermittently) — freeing up hospital beds for new patients to be admitted by enabling early discharge via at-home monitoring. That’s important because the NHS suffers from a particular low average number of beds per 1,000 people compared to other OECD EU nations, with just 2.4 beds vs the OECD EU average of 4.6 and Germany’s average of 7.9.

It sells an end-to-end remote patient monitoring service which covers provisioning the devices used for monitoring (including pre-configured smartphones with large fonts to improve accessibility for the visually impaired/frail etc; and wearable medical devices to measure a wide range of physiological parameters); and taking care of software integration, logistics and customer service, and tech support for the elderly and non-digital natives — with its pitch being that it differentiates from competitors by significantly reducing the workload on hospital staff.

Doccla says its current clients include a number of NHS trusts across the UK, including Northampton General Hospital, Cambridgeshire Community Services, and Hertfordshire Community Trust.

On the competition front, it name-checks Huma, Current Health, and Docobo as UK rivals — but co-founder Martin Ratz points to three main areas where he argues it’s serving up something “very different”.

“For starters, we are CQC [Care Quality Commission, aka the independent regulatory body for healthcare providers in England] accredited and therefore can take clinical responsibility for patients, reducing the workload for healthcare personnel,” he tells TechCrunch. “We are device agnostic and are not pushing our own device. Finally, our service layer enables us to deliver market leading patient compliance — exceeding 95% across all pathways.”

The Series A funding injection will be ploughed into further developing its tech stack to support the integration of more medical devices into its patient monitoring platform and electronic healthcare record systems; and for data analytics and AI — to “expand clinical capacity and availability” to meet demand for “virtual hospitals that alleviate pressures on healthcare systems”, as it puts it.

Or, put another way, with both beds and doctors in chronically short supply AI-powered efficiencies are the new, transformative tool to enable already stretched-to-breaking point health services to (safely) stretch even further — or that’s the claim.

“In the future, we will be able to cover additional clinical specialties, with an even more advanced level of care as well as logistical improvements of the service delivery,” suggests Ratz.

Asked what Doccla is using AI for, he confirms it’s working on developing predictive alerts that could help clinicians monitor more patients.

“Doccla will use data insights to develop automation and AI for further improvement of service delivery and clinical outcomes,” he tells us. “This will include various support tools for clinicians, such as predictive alerts.”

There are plenty of safety pitfalls here, given — for example — the bias risks around AI if training data is not representative of the patient population, so how Doccla goes about integrating automated alerts and other AI-powered support tools into its platform without compromising patient safety will certainly be one to watch. (Getting regulatory accreditation on such features will also be less straightforward, with more agencies and oversight bodies in play.)

Still, it looks important that Doccla’s investor roster includes a fund with direct links to a number of NHS Trusts.

Image credits: Doccla

On the question of scalability, especially around patient support — which may require a lot of patient one-to-one interactions with tired and/or frail people who may not be accustomed to using connected technology — Ratz says: “Doccla places significant value on our service layer, as it’s crucial to building and scaling a virtual hospital. In particular, new models of care, especially at the intersection with behavioural change, require it. Doccla’s virtual patient support teams, as well as our clinical teams, are highly efficient and enjoy economies of scale.”

Also on the slate for the Series A: Expansion to new European markets and segments, per Ratz. But he won’t be drawn on where exactly it’s eyeing for new launches. “Doccla’s current focus is the UK where we serve a range of customers and our European expansion will be shaped by upcoming public tenders, notably those in larger markets,” he says, adding: “I can say that we’re already in dialogue with significant operators in several countries.”

The funding will also be used for fuelling the startup’s growth by running virtual clinical trials for the pharmaceutical industry, according to Ratz — presumably with the fully informed consent of any patients who agree to sign up to such trials. (Doccla’s current privacy policy states that it will not share users’ personal data — and further claims to “only collect the data that we need to deliver care safely and effectively”.)

The startup’s platform is able to serve a “very diverse range” of patients, from palliative care to pre- and post-surgery patients, says Ratz — although this type of remote care is clearly not suitable for every type of patient (even if you’re going to start throwing AI into the mix).

“The largest patient groups we work with include COPD [Chronic obstructive pulmonary disease] and heart-related health. The applicability of remote care is exceptional however some patient groups — for example, those who require in-person support such highly acute patients or people with dementia — are less suited for remote monitoring,” he says.

Commenting on the Series A funding in a statement, General Catalyst’s Bischoff added: “The virtualisation of hospital wards is a critical step in efficiently expanding health resources and enabling timely, safe transition of care into the home. Doccla has immense potential and is driving real impact by not only providing a much-needed lifeline for overwhelmed hospitals but also improving patient outcomes through remote monitoring. The founders’ vision to drive more digitally-enabled, decentralised healthcare that combines physical and virtual pathways aligns with General Catalyst’s Health Assurance thesis. Importantly, their partnership approach with NHS Trusts echoes our core values of radical collaboration and responsible innovation — innovation that improves society. At General Catalyst, we support companies that bring about powerful, positive change that endures, and we believe Martin, Dag and the team will do just that.”



Source

Continue Reading

Technology

Battery-swapping SPAC Gogoro secures $345M loan • TechCrunch

Published

on


Taiwanese battery-swapping company Gogoro has signed a $345 million five-year credit facility agreement in order to increase liquidity among uncertain economic conditions.

The loan comes from a group of 10 syndicated banks led by Mega International Commercial Bank Co., according to a regulatory filing.

Gogoro will use the funds to pay off an existing facility, secure energy cells for its batteries, support operations in Taiwan and provide working capital as needed, according to a company spokesperson.

The company will have an option to extend the loan for an additional two years and even get a discount if it continues to meet its carbon reduction goals.

The fresh funds come a month after Gogoro released its second-quarter earnings results, which showed a company that is still growing, but is cautious, given market and macroeconomic conditions. Year-over-year Gogoro managed to increase its revenue by 5.3% to $90.7 million; however, the impact of COVID in Taiwan and China caused Gogoro CEO Horace Luke to revise guidance for the full year from $460 million to $500 million down to $380 million to $410 million.

After reaching mid-September highs of $5.55 per share, Gogoro’s stock took a hit last week, which bearish analysts attribute to declining electric scooter sales in Taiwan and disappointing progress in foreign markets. Gogoro is currently trading at $4.10 on Wednesday after market close.

Earlier this month, Gogoro launched its battery-swapping stations and electric scooters in Israel and selected Singapore’s first EV battery swap pilot.

In November last year, the company launched battery-swapping stations in China, operating under the Huan Huan brand, which is a partnership between Gogoro and electric two-wheeler makers Yadea and DCJ. Gogoro also partnered with Hero MotoCorp to launch a battery-swapping network in India, as well as Hero-branded electric two-wheelers based on Gogoro’s technology. Gogoro previously said it plans to launch its first swapping stations in New Delhi by the end of this year, but the company did not respond to TechCrunch’s request for updated guidance.

Gogoro went public via a merger with a special purpose acquisition company (SPAC) in April. The hype for SPACs is dwindling, with less interest coming from the public markets. Now, a range of EV SPACs are struggling with production issues, inflationary pressures and supply chain bottlenecks that are lowering valuations and throwing up hurdles to liquidity. Recently, Nikola and Lucid Motors, two other EV SPACs, said they’d need to raise more cash to bring their vehicles to market.

Gogoro says the fact it was able to raise its borrowing capacity and secure favorable terms and borrowing rates “in today’s credit-cautious environment” is validation that the company’s partners understand and support Gogoro’s vision and ability to grow.



Source

Continue Reading

Technology

Hacker breaches Fast Company systems to send offensive Apple News notifications • TechCrunch

Published

on


U.S. business publication Fast Company has confirmed that a hacker breached its internal systems to send offensive push notifications to Apple News users. 

In a statement, Fast Company said that a threat actor breached the company’s content management system (CMS) on Tuesday, giving them access to the publication’s Apple News account. The hacker used this access to send two “obscene and racist” push notifications to Apple News subscribers, prompting shocked users to post screenshots on Twitter. It’s not clear how many users received the notifications before they were deleted.

“The messages are vile and are not in line with the content and ethos of Fast Company,” Fast Company said. “We are investigating the situation and have shut down FastCompany.com until the situation has been resolved.”

Apple has also addressed the situation in a tweet, confirming that the website has been hacked and that it has suspended Fast Company’s Apple News account.

Fast Company added that Tuesday’s breach follows an “apparently related hack” of FastCompany.com that occurred on Sunday afternoon, which led to similar language appearing on the site’s homepage and other pages. 

“We shut down the site that afternoon and restored it about two hours later,” the company added. “Fast Company regrets that such abhorrent language appeared on our platforms and in Apple News, and we apologize to anyone who saw it before it was taken down.”

Fast Company didn’t share any details about how it was breached and the company wasn’t immediately available to answer our questions. At the time of writing, the Fast Company website loads a “404 Not Found” page.

However, before the website was taken offline, the hacker responsible for the breach, who identifies as “Thrax”, posted an article labeled as sponsored content that detailed how they were able to infiltrate the publication. The message claims that Fast Company had a “ridiculously easy” default password that was used across a number of accounts, including an administrator. This enabled the attacker to access a bunch of sensitive information, including authentication tokens, Apple News API keys, and Amazon Simple Email Service (SES) tokens, allowing the hacker to send emails using any @fastcompany.com email. 

The attacker, in a separate message to a popular hacking forum posted on Sunday, announced they were releasing a database containing 6,737 Fast Company employee records containing employees’ email addresses, password hashes for some of them, and unpublished drafts, among other information.

This same forum has been at the center of the recent Optus breach, which saw threat actors access an unspecified number of customer names, dates of birth, phone numbers, email addresses, physical addresses and identity documents numbers, including driver’s license and passport numbers. So far, the hacker responsible claims to have released 10,200 records.

The Fast Company hacker, who claims to have previously breached photo-sharing website ClickASnap and a self-proclaimed free-speech social network USA Life, said they weren’t able to access customer records as they were likely stored in a separate database.



Source

Continue Reading

Technology

NASA sings ‘I don’t want to miss a thing’ as DART spacecraft strikes asteroid • TechCrunch

Published

on


To get a roundup of TechCrunch’s biggest and most important stories delivered to your inbox every day at 3 p.m. PDT, subscribe here.

At TechCrunch, we love being a conduit for everything that happens in the startup ecosystem. This year, there’s been a lot of layoffs, and we got to thinking, how can we help those who are struggling get back into the saddle? Our events team had a great idea: If you got laid off, we are offering a free Expo Pass to TechCrunch Disrupt, no strings attached. Come along, stay on the pulse of what’s happening out in startup land, and say hi to a bunch of the TechCrunch crew to boot. We’ll see you there! — Christine and Haje

The TechCrunch Top 3

  • Arma-gettin outta here: NASA successfully smashed a satellite into an asteroid, Darrell reports. Cool, cool. Don’t worry, this is just in case real life tries to imitate “Armageddon” or “Deep Impact.”
  • Something else you have to clean: Flatfile estimates that data scientists spend a majority of their work time cleansing data, aka getting it ready for use in predictive analysis. It took in $50 million for its approach to automating this dirty task, Kyle reports.
  • Here’s my recruitment link: Ingrid reports that Calendly, the $3 billion+ scheduling startup, is getting into the recruitment game with its acquisition of Prelude, a startup that automates scheduling around job recruitment.

Startups and VC

If you’re reading this, you almost certainly have a complicated relationship with screens. Every year that passes, they become larger and increasingly present in our lives, Brian writes. Meanwhile, we continue to embrace the technology all while complaining about the hold it has on our lives. The Freewrite Alpha boldly asks: Can a small screen be too small?

We last profiled Cake in April when its line of lubricants, condoms, toys and sexual hygiene products made its debut in Target. The company now has five products in store locations as well as Amazon, Thrive Marketplace and UrbanOutfitters.com. Christine reports that the company’s well-lubricated expansion continues this week, with placement in some major retailers, including new space in CVS stores, as it announces $8 million in new Series A funding.

A few more from across the TechCrunch galaxy:

What can the 2000 dot-com crash teach us about the 2022 tech downturn?

Image Credits: Bob Riha Jr. (opens in a new window) / Getty Images

Many entrepreneurs have been encouraged to believe that smooth storytelling and good social skills are enough to convince investors that things are moving according to plan. They are mistaken.

Instead of instinctively going into survival mode, M13 partner Anna Barber says founders should ask themselves existential questions like, “Why did you start this business? What are the fundamentals? Who are your customers? What problem are you solving?”

“At a time like this, trust is more important than ever,” she said, adding that she tells entrepreneurs to stay in close touch, “particularly around bad news.”

Before problems arise and between regularly scheduled meetings, entrepreneurs should get comfortable with asking for help and advice. Reaching out to share an update or ask questions sends a strong signal that you’re not waiting for someone to give you direction.

“Tell them what you need. This is what we’re here for: to roll up our sleeves and help problem-solve with you. Nobody expects any of this to be smooth sailing,” said Barber.

Three more from the TC+ team:

TechCrunch+ is our membership program that helps founders and startup teams get ahead of the pack. You can sign up here. Use code “DC” for a 15% discount on an annual subscription!

Big Tech Inc.

Who would have thought a Roomba that both vacuums and mops would be such a necessity? Duh, iRobot did, and Brian has the skinny on why it exists.

People are unhappy with the state of Instagram these days, and the OG app is out to bring Instagram back to its glory days with features like realigning the feed to the user’s choice and being ad free, Ivan reports.

And we have five more for you:



Source

Continue Reading

Technology

WhatsApp fixes ‘critical’ security bug that put Android phone data at risk • TechCrunch

Published

on


WhatsApp has published details of a “critical”-rated security vulnerability affecting its Android app that could allow attackers to remotely plant malware on a victim’s smartphone during a video call.

Details of the flaw, tracked as CVE-2022-36934 with an assigned severity rating of 9.8 out of 10, is described by WhatsApp as an integer overflow bug. This happens when an app tries to perform a computational process but has no space in its allotted memory, causing the data to spill out and overwrite other parts of the system’s memory with potentially malicious code.

WhatsApp didn’t share any further details about the bug. But security research firm Malwarebytes said in its own technical analysis that the bug is found in a WhatsApp app component called “Video Call Handler,” which if triggered would allow an attacker to take complete control of a victim’s app.

When reached for comment, WhatsApp did not immediately say if it has evidence of active exploitation or if the vulnerabilities were discovered in-house.

The critical-rated memory vulnerability is similar to a 2019 bug, which WhatsApp ultimately blamed on Israeli spyware maker NSO Group in 2019 for using to target 1,400 victims’ phones, including journalists, human rights defenders, and other civilians. The attack leveraged a bug in WhatsApp’s audio calling feature that allowed the caller to plant spyware on a victim’s device, regardless of whether the call was answered.

WhatsApp also disclosed this week details of another vulnerability, CVE-2022-27492, rated “high” in severity at 7.8 out of 10, which could allow hackers to run malicious code on a victim’s iOS device after sending a malicious video file.

“The manipulation with an unknown input leads to a memory corruption vulnerability,” said Pieter Arntz, an intelligence researcher at Malwarebytes. “To exploit this vulnerability, attackers would have to drop a crafted video file on the user’s WhatsApp messenger and convince the user to play it.”

Both flaws are patched in the latest versions of WhatsApp. Update today.



Source

Continue Reading

Technology

Finally, a Roomba that vacuums and mops • TechCrunch

Published

on


IRobot makes robots that vacuum. IRobot makes robots that mop. Other companies make robots that vacuum and mop. So, why doesn’t iRobot? If you had asked the company that question as recently as a few weeks back, you likely would have gotten a stock answer about not doing something until you can do it right.

Obviously the answer is a bit more nuanced. For one thing, iRobot does make a two-in-one — kind of, sort of, at least. Thing is, it’s A) Only available in Europe and B) Apparently it’s not really up to the company’s own exacting standards when it comes to this sort of thing — something co-founder and CEO Colin Angle admitted in a conversation with TechCrunch last week.

Image Credits: irobot

“The customer is very excited about the convenience of a two-in-one robot, so we needed to build one,” the executive says. “But, being iRobot, we needed to actually build one, as opposed to doing it in a way that doesn’t deliver on the promise. Right now, most two-in-one robots are really one-plus-one.” He includes the aforementioned Roomba in that list.

The other interesting wrinkle in all of this is iRobot’s long history with mopping robots. The Scooba line dates back to 2006. The product was essentially a Roomba that swapped the debris bag for clean and dirty water tanks. It was discontinued after a decade, following iRobot’s acquisition of Evolution Robotics. That company’s Mint robot, which used a pad to clean floors, eventually became Braava.

Image Credits: iRobot

Today, iRobot announced the Roomba Combo j7+, the first Roomba (with that one notable exception) to bring two-in-one mopping and vacuuming to the popular product line. As suggested by the lengthy name, the new offering is based on the same hardware as the standard j7. The “+” refers to the emptying dock, while the “Combo” is a reference to the mopping functionality. Given the naming convention, it seems like the “Combo” feature will be coming to additional entries in the Roomba line, down the road.

The mopping functionality utilizes an arm that lowers a Braava-style pad to the floor and lifts up and lays flush on the top of the robot for safe stowage — and to avoid dragging the mop on the carpet. Among other things, the system’s on-board intelligence is able to distinguish carpeting/rugs from hardwood/tile/linoleum.

Image Credits: iRobot

The robot’s footprint is a bit larger than the standard j7, in part to afford extra space for the water tank. At the moment, the dock is not able to automatically empty the tank, as it does the vacuum bin, though that appears to be something the company is working on.

As you’ve no-doubt guessed, none of this comes cheap. The Combo j7+ goes up for preorder today, priced at $1,099. It starts shipping October 4, and will also be made available without the bin + bundle.



Source

Continue Reading

Trending