Month: November 2022

Cryptocurrency exchange company Binance has released a new site that explains its proof-of-reserves system. The company is starting with BTC reserves. Right now, Binance has a reserve ratio of 101%. It means that the company has enough bitcoins to cover all users’ balances.

This move comes a couple of weeks after the collapse of FTX, another popular crypto exchange. In FTX’s case, the company faced a liquidity crisis. It stopped processing withdrawals because it couldn’t meet demand from investors and end users.

Crypto companies — and crypto exchanges in particular — have been trying to be more transparent about user funds since then. It means sharing more information about hot and cold wallets. But there’s still a lot of work ahead before you can completely trust crypto exchanges and how they handle funds.

A few weeks ago, Binance started by sharing wallet addresses with billions of dollars worth of crypto assets. With this move, the company proved that it does indeed hold a lot of assets and it can process a ton of withdrawals. But the company didn’t state clearly whether those are user assets, or Binance’s own balance sheet, or a mix of both.

With today’s new proof-of-reserves site, Binance clarified that point by saying that BTC wallets included in the proof-of-reserves system don’t include Binance’s own funds.

“It is important to note that this does not include Binance’s corporate holdings, which are kept on a completely separate ledger,” the company says. You will have to trust Binance’s word as you can’t verify that with a blockchain explorer.

Binance is starting with BTC holdings. Adding up the amounts in each of Binance’s wallet is easy. When it comes to user assets, the company is using a Merkle tree to include all individual user accounts and generate a cryptographic seal.

As of November 22nd at 23:59 UTC, Binance users collectively held 575742.4228 BTC — that’s around $9.5 billion at today’s exchange rate. And Binance had enough bitcoins in its own wallets to cover 101% of these funds. In other words, if everybody withdraws their BTC at the same time, Binance would have enough BTC to process all withdrawals.

Thanks to the Merkle tree, individual users can use the root hash to check whether their accounts are included in the snapshot of user balances. Binance says it includes user balances across various products — Spot, Funding, Margin, Futures, Earn and Options Wallet. The company also provides a short Python script so that you can check yourself.

“Given recent events, it is understandable that the community will demand more from crypto exchanges, far more than what is currently required of traditional financial institutions. That’s why we’re pleased to provide this latest feature for our users to verify their funds,” Binance founder and CEO Changpeng Zhao ‘CZ’ said in a statement. “As Binance’s user community is exponentially larger than the next largest exchange, this is a massive under-taking and will take a few weeks to develop the data for the majority of our assets in custody. We are working to get the next update out as quickly as possible to meet the community’s expectations.”

The company already plans to release similar proof-of-reserves information for ETH, USDT, USDC, BUSD and BNB in the future. Binance offers hundreds of different crypto assets so let’s hope that they can also cover withdrawals for lesser known cryptocurrencies.

Similarly, the company should work with independent financial and security auditing firms so that you don’t just have to blindly trust the company. There is still a long way to go, but at least today’s new proof-of-reserves system is a step in the right direction.

Binance launches proof-of-reserves system for BTC holdings by Romain Dillet originally published on TechCrunch

It hasn’t been a kind year for blockchain-based startup activity. In addition to an asset-price correction during a general venture capital slowdown, web3-focused tech upstarts have also had to deal with a series of intra-industry crises that have, at times, dominated technology headlines.

The Terra/Luna mess comes to mind. As does the meltdown of Three Arrows Capital. And that’s not to mention the rapid fall of FTX and its related entities.

The Exchange explores startups, markets and money.

Read it every morning on TechCrunch+ or get The Exchange newsletter every Saturday.

Amid all of the above, many folks building or investing in blockchain-based assets and protocols have kept their chins up. Evidence of that abounds — startups are still being founded and scaled in the web3 spaceand venture investors are still writing checks. Business as usual then, right?

Perhaps.

It’s worth recalling that in 2022, the pace at which venture capital dollars were disbursed into web3-focused companies — a broad term; I am not trying to weigh in on the crypto-versus-bitcoin argument — has declined this year. Crunchbase data examined by my alma mater Crunchbase News noted recently, for example, that after a Q4 2021 peak, capital raised by companies dealing with cryptocurrency or blockchains fell in each successive quarter through Q3 2022.

Has the FTX mess iced venture interest in crypto? by Alex Wilhelm originally published on TechCrunch

Amazon will shut down its food delivery business in India by the end of the year, the retailer said Friday, retreating from a vertical it entered less than three years ago.

The retailer will shut down the food delivery business, called Amazon Food, on December 29 in India. The company launched Food in India in May 2020 in parts of Bengaluru. The company later expanded the service across the city, tying up with additional restaurants, but it never heavily promoted or marketed the platform.

“Customers have been telling us for some time that they would like to order prepared meals on Amazon in addition to shopping for all other essentials. This is particularly relevant in present times as they stay home safe,” the company said at the time of Food launch.

It said Friday: “We don’t take these decisions lightly. We are discontinuing these programs in a phased manner to take care of current customers and partners and we are supporting our affected employees during this transition. Amazon remains focused on providing our growing customer base the best online shopping experience with the largest selection of products at great value and convenience.”

The announcement is part of company’s broader restructuring in India. Earlier this week, Amazon announced it would shut down its edtech service Academy in the country next year.

India is a key overseas market for Amazon, which hasdeployed over $6.5 billion in the local business in the country. But the company is lagging Walmart’s Flipkart in the country and struggling to make inroads in smaller Indian cities and towns, according to a recent report by investment firm Sanford C. Bernstein.

Amazon’s 2021 gross merchandise value in the country stood between $18 billion to $20 billion, lagging Flipkart’s $23 billion, the analysts said in a report to clients.

Amazon to shut down food delivery business in India by Manish Singh originally published on TechCrunch

Proton, the Swiss company behind a suite of privacy-focused products including email, has teased a fairly substantial upgrade for its flagship Proton Mailand calendar services.

Although Proton has expanded into cloud storage andVPNs through the years, encrypted email remains Proton’s bread and butter — and that is arguably the most interesting facet of its latest reveal.

Indeed, while Proton often positions itself as the antithesis of Google, from a privacy perspective at least, the company has revealed a busy roadmap for the coming months that will usher in a swathe of new features that are just a little reminiscent of Gmail. And that’s not a bad thing.

On schedule

Google has gone to great lengths to make its ecosystem of products as sticky as possible, and for the most part it has worked, with Gmail among the most widely-used email services on Earth.

From a consumer perspective, Gmail offers great utility, including an email categorization system that automatically groups inbound emails by type under separate tabs, helping users find specific kinds of emails (e.g. “social” or “promotions”). While this system may not be to everyone’s liking, and users can opt-out, it represents one of the many promises that Google makes to keep users coming back: “we’ll make your life easier,” is the general idea.

With that in mind, Proton Mail in the future will offer similar categorization functionality. This may raise some questions over how Proton will achieve this without compromising users’ data privacy, in that categorization is surely dependent on scanning content, but the company said that it’s working to implement this in a “fully private way” using the sender category. Taking this at Proton’s word, this could prove to be a popular feature, one that may help smooth the path for those looking to jump ship from Gmail.

Elsewhere, Gmail has offered message-scheduling for a few years already, allowing users to configure emails to send at a specific time and date, quite possibly when they’re fast asleep. Again, this is something that Proton is also now working on, bringing it closer to feature parity with Gmail.

Other new features coming up include email reminders, whereby users can set an alert to remind themselves to respond at a later time, while they will also be able to “snooze” emails which serves a similar purpose. This is similar to a feature that Gmail has offered since 2018.

And something more in line with Proton’s focus on privacy, the company said that it will be adding new features to block email tracking, so that companies or bad actors can’t know when an email was opened, thus rendering the data unusable.

As it stands, searching through emails in Proton Mail has its limitations. For those on the web, message content search is reserved for premium paid users, but on mobile it’s not really an option at all beyond metadata such as the subject line. In the future, Proton said that it’s expanding full message search to is mobile apps, with emails downloaded to a user’s device so they can use keywords to search message content via a locally-stored index.

It’s a date

Upcoming changes aren’t limited to Proton Mail though. The company is gearing up to launch a native Calendar app for iPhone in the next few weeks, nearly a year after it arrived on Android. On top of that, it will also be rolling out a new 3-day and 7-day view (similar to Google Calendar) within the Proton Calendar app, while there will also be a “full-agenda” view that displays a day’s planned activities in a chronological list replete with infinite-scrolling.

Finally, Proton will also allow users to create to-do lists and transform tasks into reminders that pop-up inside the Calendar app.

Integrations

As Proton continues to expand its product lineup, with its Proton Drive cloud storage service recently existing beta on the web, the company is now planning to roll out deeper integrations across its product suite. For example, email attachments that exceed Proton Mail’s 25MB limit will be automatically uploaded to Proton Drive, with the recipient able to access the file through a secure link — again, this is something that Google has offered since 2013.

And in April this year, Proton acquired email alias service SimpleLogin, a platform that allows users to shield their real email address when signing up for online services. Proton said that it plans to build tighter integrations between SimpleLogin’s email aliases and Proton Mail.

Finally, Proton also revealed that it’s brining single sign-on (SSO) to mobile, meaning that users of Proton’s various apps will only have to sign in once to access each individual service — this is currently available, but only through a web browser.

In terms of timescales, Proton isn’t divulging any specific dates for anything yet, though it did say that Proton Mail’s email-scheduling and email-tracking blocker will be arriving within the next month, as will the new iPhone Calendar app and the 3-day and 7-day Calendar views.

Everything else will be landing at various intervals throughout 2023.

Be like Gmail? Proton Mail will soon offer email categorization, message scheduling, and more by Paul Sawers originally published on TechCrunch

Analysts and e-commerce leaders have been predicting a muted online holiday shopping season this year, with sales in the first three weeks of November essentially flat over a year ago due to a weaker economy, inflation, and more people returning to shopping in stores again in the wake of the Covid-19 pandemic. But looking at Thanksgiving, the first big day of holiday spend, the numbers appear to be coming in stronger than expected. Adobe Analytics has published figures that indicate $5.29 billion was spent online on Thanksgiving Thursday. That is up 2.9% on a year ago, and ahead of the $5.1 billion Adobe initially said it was expecting the day.

Mobile devices continue to play a growing role in how people are shopping. Some 55% of online sales were on mobile devices yesterday, up 8.3% over a year ago.

“Mobile shopping had struggled to grow for many years, as consumers found the experience lacking compared to desktop,” said Vivek Pandya, lead analyst, Adobe Digital Insights, in a statement. “Thanksgiving this year has become an inflection point, where smartphones drove real growth and highlights how much these experiences have improved.”

Salesforce has, interestingly, more buoyant figures: it notes from its calculations, based on 1.5 billion shoppers, that looking worldwide, online sales grew 1% on Thanksgiving day to $31 billion, while in the U.S. specifically they were up 9% to $7.5 billion. Salesforce also said that 78% of sales traffic came from mobile devices. Average order values, it said, were $105 globally and $120 for U.S. sales.

They may have different figures, but both are seeing growth, so the bigger question may actually be whether the bump in activity seen on Thanksgiving will be sustained through the rest of Cyber Week — which includes today’s Black Friday, Cyber Monday, and the weekend in between — and indeed the rest of the days and weeks leading up to the New Year. Overall, Adobe has predicted that Cyber Week will generate $34.8 billion in online spend this year, up 2.8% on a year ago when the week brought in $33.9 billion in sales.

2021’s Cyber Week was actually down 1.4% compared to 2020, so this represents a turnaround.

As a point of comparison on those figures, the National Retail Federation is predicting holiday sales growth of 6% to 8%, while another analysis group, Digital Commerce 360, is predicting growth of 6.1% for the period.

Be that as it may, sales may not be totally sustained or even in the coming days. Adobe predicted that sales for today — the famous Black Friday — are expected to hit $9 billion, which is up only 1% on 2021 figures.

Adobe says that it analyzes some 1 trillion visits to U.S. retail sites, tracking sales for some 100 million SKUs and 18 product categories. Its analytics will include anonymized data from some of its customers: it says it is used by some 85% of the biggest online retailers in the U.S. It said that so far some $77.74 billion has been spent online since the first of November.

The holiday shopping season is an important period to track for a couple of reasons. First, it is traditionally a retailer’s most lucrative selling period, one that can make or break its whole year. (That is the reason why Amazon’s recent earnings, where it provided reduced sales guidance and warned of lower-than-expected holiday spending, sent its stock tumbling nearly 20%.)

Because of that outsized importance, collectively, e-commerce holiday figures can serve as a bellwether for the e-commerce market as a whole.

But if growth is what we’re after, there are some indicators of stormy waters ahead. Adobe found that the first three weeks of November saw flat online sales of $64.59 billion, up just 0.1% over 2021.

The shape of “holiday shopping” has changed massively with the rise of e-commerce. Shopping online extended the days and hours that people shopped — the day after Thanksgiving, Black Friday, used to mark the ‘first day’ of the holiday shopping season, but that went out the window years ago with sales starting on the Thursday, and people using the day off from work to get clicking. Now, both major and minor retailers are leaning into the ever-earlier start of holiday shopping as a way to try to bring in more sales in a tighter market. And they are offering more ways of paying: buy-now-pay-later was up 1.3% in terms of sales and 0.7% in terms of orders (indicating more of it being used for bigger-ticket items).

That’s against a backdrop of physical retailers getting increasingly aggressive in capturing back their audience. The National Retail Federation in the U.S. said it expects 166.3 million consumers to shop during the long weekend.

“While there is much speculation about inflation’s impact on consumer behavior, our data tells us that this Thanksgiving holiday weekend will see robust store traffic with a record number of shoppers taking advantage of value pricing,” NRF President and CEO Matthew Shay said in a statement. “We are optimistic that retail sales will remain strong in the weeks ahead, and retailers are ready to meet consumers however they want to shop with great products at prices they want to pay.”

Adobe notes that today, the biggest discounts it’s seeing online are in categories like toys (as much as 34% off listed price), electronics (27%), and computers (18%). Squishmallows, Roblox, Paw Patrol, Hot Wheels, Cocomelon and L.O.L Surprise Dolls are all selling well.

We’ll be posting more updates on sales figures as they come in.

Thanksgiving 2022 online sales pip past forecasts at $5.3B, up 2.8% on last year, mobile accounted for 55% of all purchases by Ingrid Lunden originally published on TechCrunch

Kubernetes is fast becoming an industry standard, with up to 94% of organizations deploying their services and applications on the container orchestration platform, per a survey. One of the key reasons companies deploy on Kubernetes is standardization, which lets advanced users see productivity gains of up to two times.

Standardizing on Kubernetes gives organizations the ability to deploy any workload, anywhere. But there was a missing piece: the technology assumed that workloads were ephemeral, meaning that only stateless workloads could be safely deployed on Kubernetes. However, the community recently changed the paradigm and brought features such as StatefulSets and Storage Classes, which make using data on Kubernetes possible.

While running stateful workloads on Kubernetes is possible, it is still challenging. In this article, I provide ways to make it happen and why it is worth it.

Do it progressively

Kubernetes is on its way to being as popular as Linux and the de facto way of running any application, anywhere, in a distributed fashion. Using Kubernetes involves learning a lot of technical concepts and vocabulary. For instance, newcomers might struggle with the many Kubernetes logical units such as containers, pods, nodes, and clusters.

If you are not running Kubernetes in production yet, don’t jump directly into data workloads. Instead, start with moving stateless applications to avoid losing data when things go sideways.

Understand the limitations and specificities

Once you are familiar with general Kubernetes concepts, dive into the specifics for stateful concepts. For example, because applications may have different storage needs, such as performance or capacity requirements, you must provide the correct underlying storage system.

What the industry generally calls storage “profiles” is termed Storage Classes in Kubernetes. They provide a way to describe the different types of classes a Kubernetes cluster can access. Storage classes can have different quality-of-service levels, such as I/O operations per second per GiB, backup policies, or arbitrary policies, such as binding modes and allowed topologies.

Another critical component to understand is StatefulSet. It is the Kubernetes API object used to manage stateful applications, and offers key features such as:

Stable, unique network identifiers that let you keep track of volume, and detach and reattach them as you please;
Stable, persistent storage so that your data is safe;
Ordered, graceful deployment and scaling, which is required for many Day 2 operations.

While StatefulSet has been a successful replacement for the infamous PetSet (now deprecated), it is still imperfect and has limitations. For example, the StatefulSet controller has no built-in support for volume (PVC) resizing — which is a major challenge if the size of your application data set is about to grow above the current allocated storage capacity. There are workarounds, but such limitations must be understood well ahead of time so that the engineering team knows how to handle them.

How to run data on Kubernetes: 6 starting principles by Ram Iyer originally published on TechCrunch

Brace for yet another expansion to the UK’s Online Safety Bill: The Ministry of Justice has announced changes to the law which are aimed at protecting victims of revenge porn, pornographic deepfakes and other abuses related to the taking and sharing of intimate imagery without consent — in a crackdown on a type of abuse that disproportionately affects women and girls.

The government says the latest amendment to the Bill will broaden the scope of current intimate image offences — “so that more perpetrators will face prosecution and potentially time in jail”.

Other abusive behaviors that will become explicitly illegal include “downblousing” (where photographs are taken down a women’s top without consent); and the installation of equipment, such as hidden cameras, to take or record images of someone without their consent.

The government describes the planned changes as a comprehensive package of measure to modernize laws in this area.

It’s also notable as it’s the first time it has criminalized the sharing of deepfakes.

Increasingly accessible and powerful image- and video-generating AIs have led to a rise in deepfake porn generation and abuse, driving concern about harms linked to this type of AI-enabled technology.

Just this week, the Verge reported that the maker of the open source AI text-to-image generator Stable Diffusion had tweaked the software to make it harder for users to generate nude and pornographic imagery — apparently responding to the risk of the generative AI tech being used to create pornographic images of child abuse material.

But that’s just one example. Many more tools for generating pornographic deepfakes remain available.

From revenge porn to deepfakes

While the UK passed a law against revenue porn back in 2015 victims and campaigners have been warning for years that the regime isn’t working and applying pressure for a rethink.

This has led to some targeted changes over the years. For example, the government made ‘upskirting’ illegal via a change to the law that came into force back in 2019. While, in March, it said ‘cyberflashing’ would be added as an offence to the incoming online safety legislation.

However it has now decided further amendments are needed to expand and clarify offences related to intimate images in order to make it easier for police and prosecutors to pursue cases and to ensure legislation keeps pace with technology.

It’s acting on several Law Commission recommendations in its 2021 review of intimate image abuse.

This includes repealing and replacing current legislation with new offences the government believes will low the bar for successful prosecutions, including a new base offence of sharing an intimate image without consent (so in this case there won’t be a requirement to prove intent to cause distress); along with two more serious offences based on intent to cause humiliation, alarm, or distress and for obtaining sexual gratification.

The planned changes will also create two specific offences for threatening to share and installing equipment to enable images to be taken; and criminalize the non-consensual sharing of manufactured intimate images (aka deepfakes).

The government says around 1 in 14 adults in England and Wales have experienced a threat to share intimate images, with more than 28,000 reports of disclosing private sexual images without consent recorded by police between April 2015 and December 2021.

It also points to the rise in abusive deepfake porn — noting one example of a website that virtually strips women naked receiving 38 million hits in the first eight months of 2021.

A growing number of UK lawmakers and campaign groups have been calling for a ban on the use of AI to nudify women since abusive use of the tech emerged — as this BBC report into one such site, called DeepSukebe, reported last year.

Commenting on the planned changes in a statement, deputy prime minister and justice secretary, Dominic Raab, said:

We must do more to protect women and girls, from people who take or manipulate intimate photos in order to hound or humiliate them.

Our changes will give police and prosecutors the powers they need to bring these cowards to justice and safeguard women and girls from such vile abuse.

Under the government’s plan, the new deepfake porn offences will put a legal duty on platforms and services that fall under incoming online safety legislation to remove this type of material if it’s been shared on their platforms without consent — with the risk of serious penalties, under the Online Safety Bill, if they fail to remove illegal content.

Victims of revenge porn and other intimate imagery abuse have complained for years over the difficulty and disproportionate effort required on their part to track down and report images that have been shared online without their consent.

Ministers argue the proposed changes to UK law will improve protections for victims in this area.

Commenting in another supporting statement, DCMS secretary of state, Michelle Donelan, said:

Through the Online Safety Bill, I am ensuring that tech firms will have to stop illegal content and protect children on their platforms but we will also upgrade criminal law to prevent appalling offences like cyberflashing.

With these latest additions to the Bill, our laws will go even further to shield women and children, who are disproportionately affected, from this horrendous abuse once and for all.

One point to note is that the Online Safety Bill remains on pause while the government works on drafting amendments related to another aspect of the legislation.

The government has denied this delay will derail the bill’s passage through parliament — but there’s no doubt parliamentary time is tight. So it’s unclear when (or even whether) the bill will actually become UK law, given there’s only around two years left before a General Election must be called.

Additionally, parliamentary time must also be found to make the necessary changes to UK law on intimate imagery abuse.

The government has offered no timetable for that component as yet — saying only that it will bring forward this package of changes “as soon as parliamentary time allows”, and adding that it will announce further details “in due course”.

UK to criminalize deepfake porn sharing without consent by Natasha Lomas originally published on TechCrunch

After messing up the first launch of Twitter’s “power to the people” verification system, Elon Musk said that the social network will tentatively roll out a new multicolored verification system next week.

The owner of Twitter said that, under this scheme, companies will get a gold checkmark, government officials will get a grey checkmark — probably similar to the “official” checkmark it’s currently trying out with some prominent accounts — and the blue checkmark will be dedicated to individuals even if they are not celebrities. That would mean that the blue check mark will be used with legacy verified accounts and folks who buy Twitter’s new $8 per month paid plan.

Musk added that the company aims to manually authenticate all verifications before the new verification system goes live. It’s not clear what he means by that as Twitter Blue subscribers will get a blue checkmark. Not only that, but Twitter’s reduced workforce will be under pressure to check every verification manually to avoid any impersonation or spam.

Musk further explained that individuals can have a second tiny logo to note if they are part of a certain organization. That organization also has to verify that the individual represents them or works with them in some way. He added that decision to apply blue checkmark to all individual accounts was taken as notability of a person is a subjective matter.

Earlier this month, Musk paused the revamped Twitter Blue program and said it would resume on November 29. However, this week, the Tesla CEO put this plan on hold until “there is a high level of stopping impersonation.” Notably, this was the first time he talked about using multiple colors for verification.

He didn’t specify if this new verification scheme will occur at the same time as the rollout of the relaunch of Twitter Blue. It’s likely that this verification relaunch is for existing verified accounts, companies, and government officials — and not paid subscribers — at the moment.

Twitter took another step to stop spam and fake accounts when Twitter Blue is finally relaunched. Last week, the company changed its terms so that newly created accounts have to wait 90 days from the date of account creation before they can buy a Twitter Blue subscription.

When Musk-led Twitter first rolled out the new verification program on November 9, many accounts began impersonating brands, athletes, and celebrities. That caused Twitter to halt the project immediately. Now, he is taking all measures possible to avoid that kind of chaos again.

Elon Musk says Twitter’s new multicoloured verification will launch next week by Ivan Mehta originally published on TechCrunch