These Two Hackers Made a Devastating MacBook Virus. So Apple Hired Them as Security Researchers.
Apple has hired two security researchers who previously worked on viruses targeting Mac computers.
LegbaCore founder Xeno Kovah revealed on Twitter in November that he and his partner, Corey Kellenberg, had been hired by Apple to do "low level security." The move went unnoticed until another security researcher revealed it during a presentation at a security conference in December.
LegbaCore was best known for developing a proof-of-concept virus-worm hybrid called Thunderstrike 2 that targeted Mac computers. The worm that Kovah developed was able to spread from MacBook to MacBook, even if the computers were not connected to the Internet.
interesting (and no-doubt unexpected) fact: today was @coreykal and my first day as full time employees of Apple!— Xeno Kovah (@XenoKovah) November 10, 2015
As we were having discussions with Apple in the wake of our presentation this summer...— Xeno Kovah (@XenoKovah) November 10, 2015
...it became clear that Apple had some *very* interesting and highly impactful work that we could participate in— Xeno Kovah (@XenoKovah) November 10, 2015
What did Apple hire us to do? We can’t say. :) Well, we can probably say something like “low level security” (I don’t know our job titles)— Xeno Kovah (@XenoKovah) November 10, 2015
"[The attack is] really hard to detect, it’s really hard to get rid of, and it’s really hard to protect against something that’s running inside the firmware," Kovah told Wired in July.
Kovah's worm virus was the first to attack Macs at the firmware level, according to Wired, which means it targeted the software that boots up before the computer's primary operating system, OS X. It's a valuable kind of attack because it usually can't be detected by antivirus and other security software.
After Thunderstrike 2 installed itself on a target's computer, it could spread to certain peripherals, such as a Apple-branded Thunderbolt Ethernet adapter, which would then spread the virus to other Macs it was plugged into.
But instead of exploiting their findings or selling it to the highest bidder, Kovah and team notified Apple of the vulnerabilities, which have since been fully patched. Although Apple does not pay "bug bounties" to researchers for finding security problems, the high road seems to have worked out for the founders of LegbaCore.
Uber Has a New Logo and It...Uh, What Is That?
Uber unveiled a new logo and app icon on Tuesday. The new look debuted alongside the latest Uber app update, version 2.118.8.
Uber's new app icon is already causing quite a stir on Twitter, with many quick to declare the app icon ugly. Of course, that's not uncommon when a hugely popular app significantly changes its look—just look at the uproar that sprang up when Spotify changed the specific shade of green it used in its app.
Aside from the new app icon, the only major change immediately noticeable in the update was a new splash screen that comes up when you first open the app. The splash screen shows off the new logo and icon, and we also get a brief glimpse of what the new icon looks like on a stark black background (which does make it somewhat resemble the Death Star from "Star Wars").
The typeface of the Uber logo has also been changed, firming up some of the small text flourishes found on the old one.
Uber has also announced the visual re-branding in a blog post, which details how the app's icons will change depending on regional colors and patterns.
Uber says that the "heart" of its new app icon is something it's calling "the bit," or the central square in the new logo. While that bit will remain the same throughout Uber's apps and website, the background and even the shape surrounding that tiny square will change to reflect a specific region or design theme.
Interestingly enough, Uber CEO Travis Kalanick was also personally involved in the new design, according to the blog post.
"One of the big changes over the years is that Uber no longer moves just people; we’re now moving food, goods, and soon maybe much more," Uber CEO Travis Kalanick writes in the blog post. "With the potential for many apps with many app icons, we needed one approach that connected them all. So we came back to our story of bits and atoms. You’ll see that both rider and driver icons have the bit at the center, and then the local colors and patterns in the background. This is a framework that will also make it easy to develop different icons for new products over time."
The NHL’s New Live-Sports App Is A Glimpse at the Future of TV
When Tim Cook announced the new Apple TV last fall, he said that "the future of TV is apps." This week, I got a preview of that future. And I'm impressed.
I'll get to that in a minute.
First, let's think about what it's currently like to watch TV or Netflix through an app on a connected device, like a Roku, game console, or Apple TV. It probably goes something like this: You open the app, select whatever you want to watch, and then sit back and watch it.
In that sense, it's not that much different than watching something on-demand on a traditional cable box, except it's easier to navigate and find what you want to watch, the remote control isn't awful, and it's an all around better user experience.
That's great. That totally works for apps like HBO Now and Netflix—apps you use to stream TV shows and movies. But that experience could be so much better for other types of programs you watch on TV, like sports, reality show competitions like "The Voice," or game shows.
That's the future I think Tim Cook envisions when he talks about the future of TV being apps.
I mentioned how I got a preview of this technology. Next week, the NHL will release NHL.TV, a new app that allows hockey fans to watch live, out-of-market hockey games, keep up with their favorite teams, and more.
NHL.TV was built by MLB Advanced Media (MLBAM), major league baseball's tech division. It's the same company that handles streaming video for HBO Now, the WWE, the MLB, and many others.
I checked out the app on Monday night. I'm not even a hockey fan, but what immediately piqued my interest was the new mosaic view, which allows you to watch as as many as six HD video feeds at a time. It only works on some games for now, but when it does work, it's an awesome way to watch a hockey game.
You can follow the puck on the main screen, or watch how the goalie made— or didn't make —a save. (The goalie cameras are actually on a slight delay, which gives the viewer time to move from one image to another.)
But you don't have to watch the game like that. If you'd like, you can just watch the normal, home team feed. Or the away team feed. Or highlights.
The point is that you have a choice in how you watch the game. And that's a completely different experience than watching a hockey game on TV, or even watching a hockey game in person.
All of it's in HD and at 60 frames per second, so it looks great. The app also has some other features that hockey fans will appreciate, like a dashboard that shows scores of current and recently played games.
This type of experience isn't limited to hockey. Major League Baseball is set to release an app this spring that will offer some of the same features, plus the ability to watch two games simultaneously.
Experiences like this are possible now because connected devices, like the new Apple TV and game consoles, have real processing power. They also allow for interactivity that wasn't possible with traditional TV.
It's by no means perfect, and for many sports fans apps like these may supplement their cable or satellite subscriptions. Contracts between TV networks and professional sports organizations limit what you're able to watch, especially when it comes to in-market games.
But the NHL.TV app, and soon, the MLB.TV app, offer a peek into how we're going to be watching, and interacting, with TV in the future.
What Keeps Facebook Up at Night: Ad Blockers
Facebook is starting to worry about ad blockers.
For the first time, the social network highlighted ad blocking technologies as a significant risk factor in its annual 10-K filing, noting that they have impacted its ad revenue "from time to time."
Although Facebook mentioned ad blockers in its 10-K last year, too, it did so only briefly as one of many things that could potentially impact its ads businesses, whereas it dedicated a whole section to the technology this time around.
The warning about ad blockers comes as Facebook delivered blockbuster fourth-quarter financial results and as its ad business appears to be firing on all cylinders.
Ad-blocking software, which nixes display advertising from websites, became a hot topic last year after an Apple operating-system update allowed ad blocking on iPhones and iPads for the first time.
Facebook makes about around 96 percent of its revenue from advertising, so if more people started using ad blockers on all of their devices, it could "adversely affect" Facebook's financial results.
Facebook notes that the adverse impact has so far has been on PCs, which represents a decreasing slice of its overall user base. But it notes that if ad blocking technology takes hold on mobile devices, its financials could be "harmed."
Here's how Facebook phrased the risk in its filings:
Technologies have been developed, and will likely continue to be developed, that can block the display of our ads, particularly advertising displayed on personal computers. We generate substantially all of our revenue from advertising, including revenue resulting from the display of ads on personal computers. Revenue generated from the display of ads on personal computers has been impacted by these technologies from time to time. As a result, these technologies have had an adverse effect on our financial results and, if such technologies continue to proliferate, in particular with respect to mobile platforms, our future financial results may be harmed.
Facebook isn't the only one fretting.
Last fall, Google's ads boss Sridhar Ramaswamy said that ad blockers were "a blunt instrument and we need to be worried."
See also: Facebook Explodes After Q4 Earnings Beat
All-Day Breakfast Is Saving McDonald’s—So the Chain Might Add More of It
McDonald's is testing an expanded all-day breakfast menu that includes McGriddle sandwiches, Candice Choi of the Associated Press reports. Adding to the all-day menu's offerings would fix customers' No. 1 complaint about the expanded breakfast hours: that the menu is too limited outside typical breakfast time.
"Many customers are frustrated about the limited menu," one franchisee wrote in response to a recent survey by Nomura analyst Mark Kalinowski. "I am in a McMuffin market that was almost evenly split, and I have customers furious that they cannot get biscuits. They feel that it is a sham or false advertising."
Another franchisee wrote: "Advertising ... leads consumers to believe that we have all breakfast items all day, and disappoints them when they cannot get all items when they come in. Customers say they are being misled." A third complained about "explaining to irate customers why the breakfast menu is so limited."
Expanding the menu has the potential to make a big impact on the chain's sales. McDonald's executives said all-day breakfast was a major driver behind the company's 5.7 percent uptick in U.S. same-store sales, or sales at stores open at least a year, in the most recent quarter.
But it also has the potential to complicate kitchen operations. Several franchisees complained that it was slowing down service during lunchtime hours.
One franchisee wrote in the survey by Kalinowski that all-day breakfast was "killing service and causing chaos in the kitchens during the non-breakfast times." The person added: "It has also caused management turnover, and crew turnover out of frustration. Employee morale is down because of it."
So far, the all-day menu—which launched in October—has been limited to a couple of breakfast sandwiches, pancakes, and sides.
Restaurants serve either McMuffin or biscuit sandwiches — not both — depending on local preferences. McGriddles and bagels aren't served, and hash browns, a McDonald's breakfast staple, aren't available at 10% of restaurants because they are made with the same fryers as the french fries.
This Startup Wants to Offer Really Fast Wireless Internet for Really, Really Cheap. Can it Work?
If you live in the U.S., you're familiar with the dismal state of Internet service. Chances are that if you can even get broadband where you live, then you have no choice whom you pay for service, you pay a lot, and your bill is only going to go up.
But that could be about to change. On Wednesday, the tech world learned about Starry, a company hoping to bring ultrafast wireless internet service to cities.
Starry won't have data caps, so you won't have to worry about streaming too much Netflix during a billing period. It won't require a technician to come to your home to install anything. It will be available at speeds up to 1 gigabit per second, which is much faster than your typical Internet connection. It won't have long-term contracts. And Starry promises that if you have an issue, a technician will call you within five minutes.
Oh, and it will be significantly cheaper than comparable service from your traditional Internet service provider like Time Warner Cable and Comcast.
The company hasn't gotten specific about pricing, but Chet Kanojia, Starry's founder and CEO, actually laughed when a reporter asked him whether it would cost less than typical broadband. "That's the easy part," he said, smiling. "Consumers want more competition, better products, and cheaper prices," Kanojia told reporters at a press event on Wednesday.
It almost sounds too good to be true.
And it sort of is—at least for now. The service isn't available yet. Starry says it will be beta testing in Boston, where the company is based, starting this summer, but it hasn't given a timeline for when the service be available anywhere else.
The primary reason there's pretty much no competition when it comes to Internet service is that the infrastructure that has been required to bring it to your home—cable and fiber—is expensive to install. Companies have to rip up a street or sidewalk to install it, so it doesn't make economic sense for more than one company to wire your home or building. It's similar to why you don't have a choice for an electric or gas company.
But Starry says it will get around this by transmitting internet service wirelessly to your home.
Here's how it is supposed to work:
Starry Beams, roughly 4-foot-high transmitters that are installed on the tops of buildings in a city or town, transmit a wireless internet signal in the form of millimeter waves. Subscribers install a small receiver—called a Starry Point—in their windows, which picks up the signal and converts it into one that a traditional router can then broadcast as normal WiFi.
Each Starry Beam can support "hundreds" of Starry Point antennas, Kanojia told Tech Insider in an interview.
The company calls Starry Internet a modular service because it requires little installation. The Beams may present a challenge to install—the company has to get rights to put them on the roofs of buildings—but most of them simply have to be plugged into a power outlet.
That's because only one out of every four or five Beams needs to be wired to a fiber connection—existing fiber infrastructure that's already installed in cities — because the Beams speak to one another to send data.
Kanojia said a city could be outfitted with Beams in a matter of "weeks, not months."
All of this sounds like great news for consumers. Competition in the broadband space is sorely needed, and Google's Google Fiber service, which is wiring some cities for high-speed internet and bringing competition to a handful of cities, has been slow to roll out.
We know that competition works. Last year, it came to light that AT&T was charging $110 a month for its gigabit internet service in Cupertino, California, $40 a month more than it charged for the same service in Austin, Texas, and Kansas City. In Austin and Kansas City, Google Fiber is available, but in Cupertino, AT&T was the only game in town that offered high speeds.
If Starry succeeds with its ambitious goal, which the company, and its high-profile investors, think it can do, then it will bring real competition to a space that has been dominated by monopolies. This will not only give consumers another choice for an ISP but it will also force big cable companies to lower their prices, ditch data caps, and improve customer service if they want to compete.
Of Course Someone Made an App for Getting a Divorce
A couple years ago, Uber used its technology to help couples who wanted on-demand weddings in San Francisco. Now, there's a startup that's trying to make getting a divorce just as painless.
Wevorce, a startup that has the goal of "[making] every divorce amicable," was founded by Michelle Crosby. When Crosby was a kid, her parents got divorced. But instead of being a cut-and-dry process, the divorce resulted in a drawn-out, years-long court battles.
"From a very young age, I knew how broken the system was," she told Business Insider. The worst part, Crosby says, happened when she was 9. She was asked in court which of her parents she would choose to live with if she got stranded on a desert island.
Since then, Crosby has gone to law school and practiced family law. In 2012 she founded Wevorce, and took the company through startup accelerator Y Combinator. Based in Boise, Idaho, the female-founded, 15-person startup has helped facilitate more than 300 divorces. The company says 98 percent of these divorces stayed out of court.
Wevorce's web-based platform allows couples to go through a collaborative divorce—one in which both partners work together to decide how to split assets and figure out how to coparent. It's a way to ensure that neither party is too disappointed when they finally sign the divorce papers.
Wevorce's website has five modules, including those that deal with child custody and financials. The last step wraps everything into a legal document for the couple.
The startup is available nationwide and works with a network of 600 attorneys, counselors, and financial professionals across the country that are able to connect with families who need their help.
On Wednesday, Wevorce announced it has raised a $3 million Series A round led by Techstars. Wevorce is planning to expand its services through a series of partnerships, including one with the U.S. military.
To date, Wevorce says it has processed over $40 million in assets through its platform. Wevorce's services start at $749. The average cost of a divorce in the US is $27,000.
Additionally, Wevorce speeds up the process of a divorce. A typical divorce takes over a year to finalize, but Crosby says Wevorce's divorces typically happen in less than 90 days.
See also: This Startup Wants to Bring Super-Fast, Wireless Internet to Your Home
These McDonald’s Mozzarella Sticks Have a Problem: No Cheese
McDonald's is under fire for serving mozzarella sticks that are missing a key ingredient: cheese.
Customers are posting countless pictures of hollowed-out mozzarella sticks online and accusing the burger chain of serving them "fried air."
McDonald's launched mozzarella sticks nationwide in January as part of a new promotion called McPick 2, which allows customers to pick two of the following for $2: a McDouble, a McChicken, small fries, and mozzarella sticks.
The mozzarella sticks are also available on their own, costing $1 for three sticks.
For many customers, all three of the mozzarella sticks in their orders are devoid of cheese filling, according to photos posted online.
Not all mozzarella sticks are hollow, however. We tried some in November, and all three sticks in our order contained cheese.
We reached out to McDonald's to find out why some sticks are being served without cheese, and we'll update this story when we hear back.
Here's what people are saying on Twitter.
Wall Street Is Punishing Tesla Right Now
Tesla shares are getting clobbered, down almost 20 percent this year after dropping another 3 percent on Tuesday to $191. That's far from their 2014 peak of nearly $300.
The latest dip is being chalked up to a research note from JPMorgan's Ryan Brinkman, in which his team reduced its expectations for Tesla's fourth-quarter earnings. (Compared with the rest of Wall Street, JPMorgan is relatively bearish on Tesla: Brinkman's target price is $180.)
The basis for this was Tesla's inability to deliver 4,000 Model X SUVs in the quarter. There are other reasons for the decline in January, most notably a move away from risky investments across the board.
The question of deliveries is important to Tesla's shareholders and is sure to be a big topic on next month's earnings call. But it is also a question both the company and the analysts seem to get wrong. Last year, CEO Elon Musk provided ambitious guidance on deliveries—55,000 vehicles—that Tesla later had to dial back.
Tesla, which will report its results next month, actually built about 500 Model X vehicles in total and delivered just over 200 in the fourth quarter. According to the automaker, it was producing roughly 250 Model X vehicles a week at the end of 2015—that translates into 1,000 a month and 3,000 a quarter, at least at the beginning of 2016.
Tesla shares endured a volatile end to 2015, and we've learned that the launch of the Model X, while on schedule, wasn't exactly easy: Both the vehicle's rear seats and its exotic "falcon wing" doors presented significant production problems.
But it wasn't as if Tesla was going to crank out more than 1,000 Model X vehicles a month immediately after launch. It's hard to understand how JPMorgan thought such production levels could be achieved, especially given that Tesla needed to keep its other car, the Model S sedan, on track.
Tesla just made its 2015 guidance for the full year's deliveries, coming in at slightly more than 50,000. The vast majority of that was Model S vehicles.
It's possible that Tesla will be producing and delivering more than 1,000 Model X vehicles each month by the end of the first quarter of 2016. But it is not there yet.
Unlike last year, Tesla is building and selling two vehicles, and one of them is a crossover SUV, currently the hottest segment in the auto industry. So if Musk says Tesla can deliver 75,000 to 100,000 vehicles in 2016, it may be withing reach—and the Tesla bulls will have their opportunity to see the stock recover from its latest plunge.
Oops: Uber Accidentally Revealed a Driver’s Tax Information and Social Security Number to Other Drivers
A bad bug in Uber's code resulted in one driver's personal tax information being accessible to U.S. drivers looking to get a head start on their taxes.
Over the weekend, Uber posted the 1099 tax information for 2015 in the Uber driver dashboard.
Soon after, drivers started reporting that the tax information on their account was incorrect. Instead, it all pointed to one woman: a driver in New Port Richey, Florida.
Any driver who had access to their tax information could see the driver's information, including SSN and address, but their own 1099 form was missing. It's unknown how many drivers accessed the information in the short time period it was displayed.
Uber confirmed the bug, and shut down the part of its platform where drivers could access their tax paperwork.
While many Uber drivers were concerned that it meant their information had been leaked to others, Uber reiterated that it only affected the one individual.
"We take partner privacy very seriously and make every effort to ensure the security of personal information. Due to a bug in our system, one partner’s 1099 information was viewable by other drivers for a short period of time. The bug has been fixed and we’re deeply sorry. We are in contact with the driver whose information was affected," an Uber spokeswoman told Business Insider.
Uber has promised to provide credit monitoring and other support to the affected driver. Everyone else will have to wait another week before their tax information will be posted again.
It's not the first time Uber has had a problem protecting driver's information. In May 2014, Uber said its database had been accessed by an unauthorized party and more than 50,000 drivers had their information compromised. The company recently agreed to pay a $20,000 settlement with the state of NY for not notifying its New York-based drivers in an expedited manner.