Cybersecurity experts have said parents should boycott or at least be cautious of VTech's electronic toys because of how it has handled a hack attack.
They gave the advice after it emerged that VTech's new terms and conditions state that parents must assume responsibility for future breaches
More than 6.3 million children's accounts were affected by last year's breach, which gave the perpetrator access to photos and chat logs.
VTech says it stands by the new terms.
"Since learning about the hack of its databases, VTech has worked hard to enhance the security of its websites and services and to safeguard customer information," said a spokeswoman.
"But no company that operates online can provide a 100% guarantee that it won't be hacked.
"The Learning Lodge terms and conditions, like the T&Cs for many online sites and services, simply recognise that fact by limiting the company's liability for the acts of third parties such as hackers.
"Such limitations are commonplace on the web."
The new terms were flagged by a blog by the Australian security specialist Troy Hunt. In it, he detailed additional flaws with VTech's products and alleged that it was misleading for the firm to have described the attack as being "sophisticated".
VTech has said 6.3 million children's accounts and 4.9 million parents' accounts were affected by the hack attack He also disclosed that the company had issued new terms and conditions on 24 December for the software that lets parents add apps to its devices and copy off photos and other saved files.
They tell parents: "You acknowledge and agree that you assume full responsibility for your use of the site and any software or firmware downloaded. "You acknowledge and agree that any information you send or receive during your use of the site may not be secure and may be intercepted or later acquired by unauthorised parties. "You acknowledge and agree that your use of the site and any software or firmware downloaded there from is at your own risk."
Another security researcher, Scott Helme, later confirmed the terms appeared when Europe-based owners of the VTech's InnoTab Max tablets updated its firmware.
Mr Hunt was dismayed. "People don't even read these things!" he wrote. "If [VTech] honestly feel they're not up to the task of protecting personal information, then perhaps put that on the box and allow consumers to consciously take their chances rather than implicitly opting into the 'zero accountability' clause."
'Unforgiveable and ignorant'
His condemnation of the firm has since been echoed by four other security experts. "This is an unbelievably arrogant and derogatory response considering their track record with data security," said Ken Munro from Pen Test Partners.
"If VTech think that those T&Cs are the answer to their problems I think they should be given a bigger problem to deal with. Boycott them and take your money somewhere else." Prof Angela Sasse - director of the UK Research Institute in Science of Cyber Security - added that she would be "cautious" about all of the firm's products.
"The nature of the security flaws identified, and their displayed lack of urgency in fixing them, casts doubt on their security competence," she told the BBC.
"Instead, they change the T&Cs to 'dump' any risk on their customers - I would not trust a vendor who behaves in this way." University College London's Dr Steven Murdoch also guided potential shoppers elsewhere.
"The existence of vulnerabilities that result from beginners' mistakes in the VTech website is disappointing, as is their handling of the situation, so it raises serious questions about whether there are vulnerabilities in their other products," he said.
"It would be understandable that potential customers will look elsewhere."
Meanwhile, Trend Micro's Rik Ferguson said the firm's behaviour was "unforgivable, ignorant and indefensible".
"Would I advise consumers to avoid an organisation that attempts to take advantage of its customers' goodwill and to absolve itself of its legal responsibilities with weasel words? Unequivocally, yes."
A lawyer added that VTech's approach was "odd".
"It's unusual to see these terms in consumer contracts and it's questionable if they would be enforceable," said Callum Murray, head of commercial technology at Kemp Little.
VTech's reach is about to grow following a deal to take over its US rival Leapfrog, which makes child-centric tablets computers, smartwatches and apps of its own.
But one company-watcher commented that the impact went even further.
VTech has agreed to buy its US rival Leapfrog in a deal worth $72m (£50m) "A lot of eyes are on VTech because nothing on this kind of scale has happened in the toy industry before," said Billy Langsworthy, editor of the Toy News trade magazine.
"Toy firms need to be aware that these kinds of cyber-attacks are going to become more common, so right from how they set up their security to how they deal with the PR of a breach is something that this sector is going to have to look at."
When my digital media students are sitting, waiting for class to start, and staring at their phones, they are not checking Facebook. They’re not checking Instagram or Pinterest or Twitter. No, they’re catching up on the news of the day by checking out their friends’ Stories on Snapchat, chatting in Facebook Messenger or checking in with their friends in a group text. If the time drags, they might switch to Instagram to see what the brands they love are posting, or check in with Twitter for a laugh at some celebrity tweets. But, they tell me, most of the time they eschew the public square of social media for more intimate options. The times, they are a-changing
For a few years now, alarms have been sounded in various quarters about Facebook’s teen problem. In 2013, one author explored why teens are tiring of Facebook, and according to Time, more than 11 million young people have fled Facebook since 2011. But many of these articles theorized that teens were moving instead to Instagram (a Facebook-owned property) and other social media platforms. In other words, teen flight was a Facebook problem, not a social media problem. Today, however, the newest data increasingly support the idea that young people are actually transitioning out of using what we might term broadcast social media—like Facebook and Twitter—and switching instead to using narrowcast tools—like Messenger or Snapchat. Instead of posting generic and sanitized updates for all to see, they are sharing their transient goofy selfies and blow-by-blow descriptions of class with only their closest friends. messaging apps
For example, in a study published in August last year, the Pew Research Center reported that 49% of smartphone owners between 18 and 29 use messaging apps like Kik, Whatsapp, or iMessage, and 41% use apps that automatically delete sent messages, like Snapchat. For context, note that according to another Pew study, only 37% of people in that age range use Pinterest, only 22% use LinkedIn, and only 32% use Twitter. Messaging clearly trumps these more publicly accessible forms of social media.
Admittedly, 82% of people aged 18 to 29 said that they do use Facebook. However, that 82% affirmatively answered the question, “Do you ever use the Internet or a mobile app to use Facebook?” (emphasis added). Having a Facebook account and actually using Facebook are two different things. While Pew does have data on how frequently people report using Facebook (70% said at least once a day), those data are not broken down by age. And anecdotal evidence such as what I’ve gathered from class discussions and assignments suggests that many younger people are logging in to Facebook simply to see what others are posting, rather than creating content of their own. Their photos, updates, likes, and dislikes are increasingly shared only in closed gardens like group chat and Snapchat.
Why would they leave?
Although there is not a great deal of published research on the phenomenon, there seem to be several reasons why younger people are opting for messaging over social media. Based on my discussions with around 80 American college students, there appears to be three reasons for choosing something like Snapchat over Facebook.
1. My gran likes my profile picture
As Facebook has wormed its way into our lives, its demographics have shifted dramatically. According to Pew, 48% of Internet users over the age of 65 use Facebook. As social media usage has spread beyond the young, social media have become less attractive to young people. Few college students want their parents to see their Friday night photos.
2. Permanence and ephemerality
Many of the students I’ve spoken with avoid posting on sites like Facebook because, to quote one student, “Those pics are there forever!” Having grown up with these platforms, college students are well aware that nothing posted on Facebook is ever truly forgotten, and they are increasingly wary of the implications. Teens engage in complex management of their self-presentation in online spaces; for many college students, platforms like Snapchat, that promise ephemerality, are a welcome break from the need to police their online image.
3. The professional and the personal
Increasingly, young people are being warned that future employers, college admissions departments, and even banks will use their social media profiles to form assessments. In response, many of them seem to be using social media more strategically. For example, a number of my students create multiple profiles on sites like Twitter, under various names. They carefully curate the content they post on their public profiles on Facebook or LinkedIn, and save their real, private selves for other platforms.
Is this a problem?
We may be seeing the next evolution in digital media. Just as young people were the first to migrate on to platforms like Facebook and Twitter, they may now be the first to leave and move on to something new. usage of social networkingYoung adults still are the most likely to use social media.(Pew Research Center)
This exodus of young people from publicly accessible social media to messaging that is restricted to smaller groups has a number of implications, both for the big businesses behind social media and for the public sphere more generally.
From a corporate perspective, the shift is potentially troubling. If young people are becoming less likely to provide personal details about themselves to online sites, the digital advertising machine that runs on such data (described in detail by Joe Turow in his book The Daily You) may face some major headwinds.
For example, if young people are no longer “liking” things on Facebook, the platform’s long-term value to advertisers may erode. Currently, Facebook uses data it gathers about users’ “likes” and “shares” to target advertising at particular individuals. So, hypothetically, if you “like” an animal rescue, you may see advertisements for PetSmart on Facebook. This type of precision targeting has made Facebook into a formidable advertising platform; in 2015, the company earned almost $18 billion, virtually all of it from advertising. If young people stop feeding the Facebook algorithm by clicking “like,” this revenue could be in jeopardy. From the perspective of parents and older social media users, this shift can also seem troubling. Parents who may be accustomed to monitoring at least some proportion of their children’s online lives may find themselves increasingly shut out. On the other hand, for the growing number of adults who use these platforms to stay in touch with their own peer networks, exchange news and information, and network, this change may go virtually unnoticed. And, indeed, for the many older people who have never understood the attraction of airing one’s laundry on social media, the shift may even seem like a positive maturation among younger users.
From a social or academic perspective, the shift is both encouraging—in that it is supportive of calls for more reticence online—and also troubling.
As more and more political activity migrates online, and social media play a role in a number of important social movement activities, the exodus of the young could mean that they become less exposed to important social justice issues and political ideas.
If college students spend most of their media time on group text and Snapchat, there is less opportunity for new ideas to enter their social networks. Emerging research is documenting the ways in which our use of social media for news monitoring can lead us to consume only narrow, partisan news. If young people opt to use open messaging services even less, they may further reduce their exposure to news and ideas that challenge their current beliefs.
The great promise of social media was that they would create a powerful and open public sphere, in which ideas could spread and networks of political action could form. If it is true that the young are turning aside from these platforms, and spending most of their time with messaging apps that connect only those who are already connected, the political promise of social media may never be realized.
The ConversationThis post originally appeared at The Conversation. Follow @ConversationUS on Twitter.
HSBC is launching voice recognition and touch security services in the UK in a big leap towards the introduction of biometric banking.
The bank says its phone and mobile banking customers will no longer have to remember a password or memorable places and dates to access accounts.
Barclays has already introduced voice recognition software, but it is only available to certain clients.
RBS and NatWest have offered finger print technology for the last year.
The move comes weeks ahead of the launch of Atom Bank, which will allow its customers to log on via a face recognition system.
HSBC says its service will be offered to up to 15 million banking customers.
First Direct's customers will be offered the voice and fingerprint recognition system over the next few weeks, followed by HSBC's in the summer.
Francesca McDonagh, HSBC UK's head of retail banking and wealth management, described the change as "the largest planned rollout of voice biometric security technology in the UK".
She said: "The launch of voice and touch ID makes it even quicker and easier for customers to access their bank account, using the most secure form of password technology - the body."
Touch ID is available on all Apple mobile devices for both HSBC and First Direct. Customers must download the mobile banking app and follow the instructions to link their fingerprint to it.
The future Nuance Communications is supplying the voice biometrics technology, which works by cross-checking against over 100 unique identifiers including both behavioural features such as speed, cadence and pronunciation, and physical aspects including the shape of larynx, vocal tract and nasal passages.
Customers who want to use the service will have to enrol their "voice print" and will no longer need to use passwords or PINs. The bank says the system will still work when someone is ill.
"We will be able to cope with people who have got colds or slight impediments," Joe Gordon, UK head of customer contact at HSBC, told the BBC.
"Things such as the size of your mouth or your vocal tract don't change. Neither do your cadence or your accent when you've got those little colds."
A YouGov survey of 2,038 people, commissioned by HSBC and published on Friday, found that 55% of those polled said they rarely changed passwords, while 74% felt that biometric security would become the default "password" of the future.
Barclays says it was the first bank to offer voice recognition software. However, the service is only available to corporate clients at the moment.
A generation of young people has grown up accustomed to use smartphone apps for pretty much everything, including dating. But maybe it's just as fun, awkward, nerve-wracking and occasionally wonderful as it was before? And if it doesn't work out, the options for the next date are almost limitless.
"I'm a little nervous," says Whitney as she battles against the icy Manhattan wind. It's Friday night and she's on her way to a date with a guy she's never met before. They matched on the dating app Tinder a few days ago and, after promising witty banter, agreed to take things offline.
To be honest, I'm a bit nervous for Whitney too. I've spent quite a bit of time with her over the past week and found myself warming to her openness and infectious enthusiasm for life. Just for a second, I feel what I think Whitney must be feeling: that excitement of meeting someone for the first time, all jumbled up with vulnerability and the nagging worry you've got something stuck in your teeth. I really want it to go OK.
Also, this is her second first date of the week, and the first one didn't go well.
For starters, the guy she was meeting deleted his profile on the OKCupid app where she'd found him. So she was worried she wouldn't actually recognise him once she got to the bar - she's in contact with so many men on different dating apps it's not always easy to remember who's who.
Luckily, he recognised her, but it was downhill from there. She found him overbearing, his insistence on touching her hands at every opportunity a bit weird.
But, in the era of the dating app, it's not just that there are plenty more fish in the sea; now you're armed with an industrial-sized fishing net that fits in your handbag.
Whitney's 24 and works in marketing. She's one of those people who uses her smartphone for everything. "We use apps for food, we use Uber to get around, we have a laundry app. It's like, why wouldn't we have a dating app?"
As Whitney speaks to me, she's absent-mindedly swiping through profiles of men on Tinder. "Swipe left if you don't like 'em, swipe right if you do."
I get her to stop on one - a good-looking 29-year-old whose profile pictures look suspiciously professional, if you ask me. It says he's based in Amsterdam, but currently is two miles away from Whitney.
"Now if I know they're not New Yorkers, I'll swipe no," Whitney says. "That usually just turns out to be someone looking for a quick booty call."
A booty call or hook-up is casual sex. Some apps - Tinder in particular - have a reputation for being only about casual hook-ups. But actually it seems you find people using them for anything and everything.
These days, Whitney says she's looking for something a bit more steady.
After leaving her to her date, I walk a few blocks away and find a bar to have some dinner. It's full of friends and colleagues meeting after work with the kind of waitresses who are so efficient they don't need to bother with being friendly.
It's not an obvious date venue and I'm taken aback when of all the bars in all of New York, Whitney and a man I assume is her date walk into mine. I make eye contact with her as they go past and I try quickly to wipe the look of recognition off my face and stare at the floor. A minute later, Whitney texts from the other side of the bar to explain: the first place they went to was too full, and by pure coincidence they ended up here.
On my way to the toilet, I have a sneaky glance at Whitney and her date - it looks like it's going well.
Dating apps are certainly a quick and easy way to meet new people. But they have their downsides too. With so many options out there, how can you settle on just one?
"You're racking up all these people digitally," one of Whitney's friends tells me, "but I don't get to know them and they don't get to know me. I feel like technology has really made dating very impersonal. It's depressing."
Another friend agrees: "If you're doing this right before bed and first thing in the morning, you can get in a very dark place."
People, it seems, have a love/hate relationship with dating apps. They talk about them having an addictive, game-like quality; they worry about how they're superficial and relationships can be fickle. But they keep coming back for more.
It feels like looking for love is becoming more and more like online shopping.
As for Whitney, she's said goodbye to the man from Tinder and slipped back into the bar to give me the verdict. Had I blown my cover when I spotted her? Thankfully, as a man having a beer on a Friday night, I'd blended in perfectly. And - even better news - the date went so well that Whitney stopped pursuing the other options she had lined up for that weekend.
There's since been a second and a third date and Whitney's sounding optimistic. She's promised that if they end up getting married, I'll be a guest of honour at the wedding.
The company says it will "continue to make tweaks"
Google is switching up how it displays ads on desktop searches, removing them from the right-hand side of results and putting them only at the top and bottom of the page. The change was first reported by The SEM Post with Google later confirming the move. Usually Google's ads are shown all over the page — a mixture of top, bottom, and right-hand positions, based on the specific query — but this change leaves the sidebar free for Google's Product Listing Ads.
GOOGLE SAYS THE CHANGE IS GLOBAL
But while the right-hand side ads are being removed for all queries, a fourth (additional) ad will be placed at the top of the page for certain lucrative searches — those for hotels or car insurance, for example. "We’ve been testing this layout for a long time so some people might see it on a very small number of commercial queries," said the company in a statement given to The Verge. "We’ll continue to make tweaks, but this is designed for highly commercial queries where the layout is able to provide more relevant results for people searching and better performance for advertisers." Google also confirmed that the change is global and affects all languages.
Tim Cook, the C.E.O. of Apple, which has been ordered to help the F.B.I. get into the cell phone of the San Bernardino shooters, wrote in an angry open letter this week that “the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create.” The second part of that formulation has rightly received a great deal of attention: Should a back door be built into devices that are used for encrypted communications? Would that keep us safe from terrorists, or merely make everyone more vulnerable to hackers, as well as to mass government surveillance? But the first part is also potentially insidious, for reasons that go well beyond privacy rights.
The simple but strange question here is exactly the one that Cook formulates. What happens when the government goes to court to demand that you give it something that you do not have? No one has it, in fact, because it doesn’t exist. What if the government then proceeds to order you to construct, design, invent, or somehow conjure up the thing it wants? Must you?
The F.B.I.’s problem is that it has in its possession the iPhone used by Syed Rizwan Farook, one of the San Bernardino shooters, but the phone is locked with a passcode that he chose. (The phone, which investigators found while executing a search warrant for Farook’s car, is actually the property of the San Bernardino County Health Department, Farook’s employer, which has consented to its search—and so, as Orin Kerr points out, on the Washington Post blog the Volokh Conspiracy, there is no Fourth Amendment issue there.) If the F.B.I. enters the wrong passcode ten times, the data may be turned to gibberish. And if the F.B.I. disables that feature, allowing it to enter every possible passcode until it hits the right one, it may still come up against another barrier: a built-in delay between wrong entries, so that typing in five thousand possibilities, for example, might take thousands of hours. Both sides agree that Apple has given significant technical assistance with the San Bernardino case already; in response to a separate warrant, it gave the F.B.I. the iCloud back-ups for Farook’s phone (the most recent was from some weeks before the shooting). In the past, in response to court orders, Apple has helped the government extract certain specific information from older iPhones—perhaps seventy times, according to press reports. But there is apparently no way for the company to do so on the newer operating system, iOS 9, which the shooter was using and which was built without a “back door.” In other words, there is no set of instructions or a skeleton key in a drawer somewhere in Cupertino that Apple could give the F.B.I. to allow it to get in.
And so Judge Sheri Pym, a California district-court magistrate, has ordered Apple to come up with a new software bundle that can be loaded onto the phone and, in effect, take over the operating system and tell it to let the F.B.I. in. (Apple will have a chance to object to the order in court.) As an added point of convenience, this bundle is also supposed to let the agents enter passcodes electronically, rather than tapping them in, which is one of the many points on which the government seems to have moved from asking for compliance with a subpoena to demanding full-scale customer service. In its request for the order, the government says that “Apple has the exclusive technical means which would assist the government in completing its search,” for a number of reasons. One is that iPhones look for a cryptographic signature before accepting operating-system software as legitimate. But the government, again, is not asking for a signature or even for the equivalent of a handwriting guide (which would be problematic, too) but for an entire ready-to-run bundle. It has said that it wants Apple to put in a code that makes the bundle usable only on Farook’s phone—but that is a desire, not a description of an existing, tested, software protection. (The government also says that it will pay Apple for its work.) The other reasons that the government says that Apple should be compelled to do this work come down to Apple being Apple—being a smart company that designs this kind of thing. What is the government’s claim on that talent, though? Would it extend to a former engineer who has left the company? The government’s petition notes that the operating system is “licensed, not sold,” which is true enough, but conveys the darkly humorous suggestion that Apple’s terms of service are holding the F.B.I. back.
It is essential to this story that the order to Apple is not a subpoena: it is issued under the All Writs Act of 1789, which says that federal courts can issue “all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.” Read as a whole, this simply means that judges can tell people to follow the law, but they have to do so in a way that, in itself, respects the law. The Act was written at a time when a lot of the mechanics of the law still had to be worked out. But there are qualifications there: warnings about the writs having to be “appropriate” and “agreeable,” not just to the law but to the law’s “principles.” The government, in its use of the writ now, seems to be treating those caveats as background noise. If it can tell Apple, which has been accused of no wrongdoing, to sit down and write a custom operating system for it, what else could it do?
In the motion filed on Friday, the government dismissed Apple’s objection by saying that it “appears to be based on its concern for its business model and public brand marketing strategy,” and that writing new code shouldn’t be an “undue burden”—one of the standards for applying the All Writs Act—since Apple writes a lot of code. This particular use of the All Writs Act is fairly novel, however. The precedent the government’s supporters cite is the use of All Writs in a 1977 Supreme Court decision involving telephone taps, called pen registers. In that case, the F.B.I. wanted New York Telephone, which was already helping it to set up a tap in an illegal-gambling sting, to let it use some spare cables that were, physically, in the same terminal box as those hooked up to the suspect’s phone. The telephone company told the F.B.I. to get its own wires and string them into the apartment of one of the alleged gamblers some other way. When the F.B.I. objected that the suspects might spot the rigged cables, the Court agreed that it could legitimately ask the telephone company for its technical help and “facilities.” But the F.B.I. wasn’t asking New York Telephone to design a new kind of cable.
If a case involving a non-digital phone network could be applied to smartphones, what technologies might an Apple precedent be applied to, three or four decades from now? (The N.S.A. used, or rather promiscuously misused, another pen-register case from the same era to justify its bulk data collection.) It no longer becomes fanciful to wonder about what the F.B.I. might, for example, ask coders adept in whatever genetic-editing language emerges from the recent developments in CRISPR technology to do. But some of the alarming potential applications are low-tech, too. What if the government was trying to get information not out of a phone but out of a community? Could it require someone with distinct cultural or linguistic knowledge not only to give it information but to use that expertise to devise ways for it to infiltrate that community? Could an imam, for example, be asked not only to tell what he knows but to manufacture an informant?
This is the situation that Apple is in, and that all sorts of other companies and individuals could be in eventually. There are problems enough with the insistence on a back door for devices that will be sold not only in America but in countries with governments that feel less constrained by privacy concerns than ours does. And there are reasons to be cynical about technology companies that abuse private information in their own way, or that jump in to protect not a principle but their brands. But the legal precedent that may be set here matters. By using All Writs, the government is attempting to circumvent the constitutionally serious character of the many questions about encryption and privacy. It is demanding, in effect, that the courts build a back door to the back-door debate.
Sir Clive Sinclair has slammed the UK government for failing properly to invest in spendingon IT over the past 30 years, meaning that it has fallen behind nations such as South Korea and China.
The inventor lamented the under-representation of IT in government going as far back as the 1980s.
"Unfortunately, our government has never devoted anything like sufficient money and other resources to IT, with the result that countries such as Singapore, Korea, Japan and China are probably the world leaders today, and of course India has many millions of coders and IT specialists who market their skills widely on the internet," he told V3.
One in four UK firms now recruit IT talent from overseas, and Sir Clive said that one reason for the country's skills shortage is the "ludicrous situation" that no scientists operate at the highest levels of government.
"We never seem to have any scientists in the Cabinet. The last time I checked - during the coalition government - there wasn't a single science graduate in the Cabinet. I don't know if that's still the case today but it wouldn't surprise me," he said.
"How can our country hope to capitalise on the scientific and technological skills of our people if there aren't a goodly number of scientists at Cabinet level? In an era when science and technology are so terribly important, it's a ludicrous situation."
Sir Clive believes that the situation has become "easier and harder" since his day in terms of opportunities for the manufacture of innovative new products, like the inventor's early ZX80, ZX81 and ZX Spectrum home computing machines.
"Easier, because the cost of taking a product to manufacture has come down, relatively speaking, with the help of technologies such as 3D printing," he said.
"But harder because there are so many new products being launched each year that the competition is much stiffer than it was in the 80s."
Sir Clive found it "sad" that the UK has declined in terms of producing the kind of expert coders that pioneered programming in the days of his ZX Spectrum computer.
"We've certainly gone backwards. In the 1980s, Britain was the world leader in coding for children, and the government should have put computing on the school syllabus then, not wait decades to do it," he said.
"I feel very sad that it happened that way. We could now still be a world leader, but many other countries have embraced coding and IT in their education systems considerably more than we have done."
In recent days, some Gmail users have been wondering and worrying about new emails popping up in their inboxes with a new unlocked icon.
Have no fear. As we mentioned on Tuesday, this is just Google's way of telling you that an email you've received isn't as secure as it should be.
Emails that have not been authenticated by TLS encryption (transport layer security) will show this red unlocked icon, but that doesn't necessarily mean that the sender is an evil spammer sneaking into your inbox.
What TLS encryption does is protect the security of email messages as they travel from sender to recipient. That encryption makes sure that the sender's email remains private, preventing third parties from taking a peek at the message or tampering with it as it makes its way to its final destination.
In May 2010, 11 450-pound humanoid robots posed before their proud "parents" and supporters in an office in Menlo Park, California.
Then, the lights went down and music rumbled on. With blue spotlights flashing, the robots began a coordinated dance to the '80s hit “Mr Roboto,” swiveling their heads, waving flags clutched in their "hands," and moving with flaunts and flourishes that had the crowd hooting with glee.
This raucous display was the "graduation ceremony" thrown for the 'bots by Willow Garage, the company that had created them. Each one had cost roughly $400,000. And they were all about to be given away to enter the real world for free.
Although the now defunct research-lab-startup hybrid might not ring any bells to you now, it was one of the most influential forces in modern robotics. The freewheeling robot collective jump-started the current race to apply robotics components like computer vision, manipulation, and autonomy into applications for everything from drones and autonomous cars to warehouse operations at places like Google, Amazon, and car companies like BMW. Google alone acquired three of the robot companies spawned by Willow.
Founded by an eccentric billionaire who preached a "robot revolution," Willow Garage made enormous strides in robotics hardware and software, most notably through the research bots, called PR2s, and the creation of an open-source robot operating system that's still being used by academics, engineers, and hobbyists around the world today.
At its apex, the Garage was a whimsical menagerie of really bright people with diverse specialties building really "smart" robots, until it ultimately succumbed to some of the same forces that have challenged many promising Silicon Valley startups.
Here's the fascinating story of how Willow Garage came to be, fell apart, and continues to live on today.
Not-so-humble beginnings Willow Garage founder Scott Hassan is a big-picture thinker. He's the kind of person who will veer from a conversation about telepresence into ruminating on what the world will be like once money becomes completely worthless because robots will be doing all our work for us.
He was one of the first people to invest in mysterious augmented reality Magic Leap back in 2012. Earlier this month, Magic Leap raised more than $700 million at a whopping $4.5 billion valuation.
In fact, he's the exactly kind of person who you would expect to get along with "moonshot" king and Alphabet CEO Larry Page.
Hassan met Page and Sergey Brin while working on an Integrated Digital Libraries project at Stanford. He ended up programming much of the original search engine that eventually became Google.
He also decided to invest $800 in the company 12 days after Page and Brin officially formed it 1998. He then founded his own company: An email-list service called eGroups.com that Yahoo bought for about $432 million in 2000.
Thanks to that success and his early Google stake, Hassan amassed the kind of money that eventually allowed him to buy office space in Menlo Park before he even knew exactly what he wanted to do with it. Its address — 68 Willow Road — ultimately inspired his new company's name.
No more reinventing the wheel Hassan convinced Steve Cousins, who had hired Hassan as an undergraduate intern at Washington University years earlier, to become Willow's first CEO.
“My job was to fill the building with interesting people doing interesting things around autonomous technology,” he tells Business Insider.
Hassan planned to dedicate enough funding to the startup to keep about 60 people working there per year, so they began hiring all the top roboticists and researchers they could corral.
Initially, the collective focused on personal assistants, driverless boats, and autonomous cars, but eventually focused on building programmable bots.
"We had this vision that came together through the people who were there," Cousins says. "Everybody brought something to the table."
Even back in 2006, at a time when Roombas were the only kind of robot most people had seen in real life, Hassan could vividly picture the world where general-purpose autonomous robots would fill our homes and help us with everyday tasks that we'd rather avoid. He wanted robots out in the world, but he knew that there was still a lot of groundwork that needed to get done first.
"I wanted the robot revolution to get here sooner," he tells Business Insider.
Hassan had long been a big believer in open source, so the team started focusing on a common operating system that roboticists everywhere could use to stop wasting time "reinventing the wheel" on every research project.
"Sharing was what was important," Hassan tells Business Insider. “We wanted to build something that could run on any other kind of robot anywhere else in the world."
Robot marathons and gourmet food In tandem with the Robotics Operating System (ROS), Willow was building robots to run it on.
To create the PR2s, the team made enormous strides in robot manipulation, human-robot interaction, perception, planning, and more.
The company had Silicon Valley's move-fast attitude, but a motto of "impact first and return on capital second."
It took about four years of hustling for Willow to be ready to release PR2 to the 11 hand-selected research institutions that had demonstrated worthy ambitions for the bots, which each had a no-cost, two-year lease, though every organization eventually found a way to keep their PR2 indefinitely. In that time, the ROS software had caught on beyond the team's wildest dreams, sky-rocketing the company's name into the mainstream.
To capitalize on and increase that recognition, Willow built up a robust intern program that ultimately shuttled more than 130 students or visiting researchers through its headquarters.
Spending time at WG soon became like a badge of honor in the robotics community. Several former employees used the phrase "Willow Mafia" to describe the resulting kinship, and one, Matei Ciocarlie, laughed recalling how at a massive robotics conference in 2010, the sheer number of Willow Garage T-shirts, sweaters, and backpacks popping up had blown him away.
"You knew you were contributing to something that was going to be big," Kaijen Hsiao, another Willow alum, said. "But it was also just a really great place to be. It was like a playground funded by a billionaire."
Like many Silicon Valley companies, Willow had fresh, communal meals prepared on site every day. Unlike with most other companies, you could also find robots folding laundry, playing pool, or fetching a beer in Willow's office.
The team had programmed PR2 to be able to plug itself in when running out of batteries, so they once tested its capabilities by making it run a 2 "pi" kilometer marathon (6.28 kilometers) around the office, recharging itself autonomously whenever it needed.
Every time Willow sold a PR2, the employee who led the sale would get to ring an honorary gong.
Closing the garage In 2011, once ROS had officially infected the robotics community and the initial PR2s had been distributed, Willow started to focus on other projects and spin-offs.
The company started exploring market opportunities for autonomous bots and educating the team about entrepreneurship.
In what several employees referred to as Willow's second act, it started selling its PR2s and spun off eight companies, including three foundations.
Google acquired three of the for-profits as part of its ambitious robotics buying spree. (Because Willow employees had stock in each spin-off, this proved good news for everyone.)
One of the ideas in particular fascinated Hassan. The team had hacked together an iPad-on-wheels to allow a remote employee to zoom around the office, which it refined into a robot called "Beam." The possibilities of telepresence (think videoconferencing with robots) inspired Hassan and he spun-off a team called Suitable Technologies in 2011, taking a bunch of WG employees with him.
That meant that from that point on, Hassan was funding two companies. Willow Garage was burning about $20 million a year. He had realized that getting autonomous personal robots into people's homes was still a long way off (although ROS could support countless functions, the cost of creating the hardware to handle something even as seemingly simply as picking up an article of clothing was magnitudes too expensive).
He finally decided to pull out his investment in 2013 late and focus all his resources on the more near-term telepresence market with Suitable.
Hassan describes Willow’s end unemotionally:
"I saw people starting to get restless, so I just decided to shut things down and go, 'You’re free!'" Hassan says. "And what happened next was, everyone started companies."
That did eventually happen, but not before Cousins and the rest of the team made one last attempt to save Willow.
"I’d put my heart and soul into the organization — I’d hate to lose it," Cousins says. "I wanted to see if we could keep it alive."
From February 2013 until August that year, all the remaining team members joined together to work on one product. Cousins managed to find someone willing to fund the new idea. However, the deal would have required Hassan to sell a big chunk of his ownership, which he didn’t want to do.
On the bright summer day when it became clear Willow was over, all the employees solemnly shut down their computers before tromping out to a local park for a giant softball game (though unfortunately the remaining PR2s weren’t invited).
Willow livin' on Almost everyone who stayed at Willow until the shutdown ended up either starting their own robotics company or joining one founded by fellow coworkers. Cousins, for example, now runs a company called Savioke, which makes robots that can deliver items to hotel guests.
"Willow went down but now we’re all like the Phoenix,” says Mizra Shah who worked at WG in its last year and a half, and is the cofounder and CTO of a robotics company called Simbe. "We’re out there building new things, stronger than before."
All told, Hassan says he poured more than $80 million into Willow Garage. But he considers the cost well worth the reward of robotics progress. And, as always, his sights are set on the future.
"In the next few years you’re going to see an explosion of robotics," he says. "It’s all happening right now. The rest of this decade is gonna be pretty crazy. By 2021, people are going to have robots all over their lives doing all these different tasks."
Last year, more than $150 million venture capital funding went to businesses that use Willow's ROS.
"A large portion of current roboticists in the world have one degree of separation with WG," says Maya Cakmak, another former employee. "I think in the future, when we look back, WG will be what Bell Labs or Xerox Parc was for personal computers, for robotics."
Skype users are at risk of being infected with a new trojan dubbed T9000 that can record video calls, audio calls and chat messages.
Researchers at Palo Alto Networks discovered the new type of backdoor malware and explained that once installed it can evade detection by many popular antivirus systems, including some big names such as Kaspersky and Panda.
The full list from Palo Alto of security firm's software it can dodge is: Sophos, INCAInternet, DoctorWeb, Baidu, Comodo, TrustPort, GData, AVG, BitDefender, VirusChaser, McAfee, Panda, Trend Micro, Kingsoft, Norton, Micropoint, Filseclab, AhnLab, JiangMin, Tencent, Avira, Kaspersky, Rising and Qihoo 360.
T9000 is a new variant of T5000, first spotted in 2013. The payload is hidden inside spearfishing emails with an infected .rtf document, but is sophisticated enough to get in through other means, when its controllers have the will.
Once installed the software can record Skype calls and upload them along with text chats to a server. It can also take regular screenshots. The only saving grace is that a user has to give it permission, albeit unknowingly.
An API request asking for permission for explorer.exe to access Skype appears. In reality this should never be needed so it should be quite clear it's dodgy.
The researchers explained: "The victim must explicitly allow the malware to access Skype for this particular functionality to work. However, since a legitimate process is requesting access, the user may allow this access without realising what is actually happening. Once enabled, the malware will record video calls, audio calls and chat messages."
A computer with granted permissions could also have documents stolen, even on removable drives. Skype is used more and more by businesses as part of the Office suite, so there is the potential for hackers to uncover potentially lucrative information.
Palo Alto has published a list of indicators that your machine is infected as the sheer complexity and audacity of T9000 means that prevention is more or less the only form of protection at the moment.
Meanwhile, Microsoft has said that it protects users from the malware with security updates. “To further protect our customers, we’ve added detection for the malicious software known as T9000 to Windows Defender," the firm said.
"Customers that have installed security updates released in 2012 (MS12-060) and 2014 (MS14-033), either manually or by enabling automatic updates, will already be protected. Our recommendation is to enable automatic updates, which installs the latest security protections, and to use the latest version of Skype."